Hello
Tong (<[EMAIL PROTECTED]>) wrote:
> I've just noticed that my debian testing open many ports by default:
Some of them are opened by inetd. You can use "dpkg-reconfigure inetd",
or edit /etc/inetd.conf and comment out the protocols you don't need.
After that, restart inetd.
> tcp 0 0 *:www *:* LISTEN
This is a web server, maybe apache. It probably runs in standalone mode.
If you don't need it, deinstall it. You can also bind it to some or
several IPs like Cups or ssh.
> tcp 0 0 *:x11-1 *:* LISTEN
Check your login manager. Maby it opens a port. Look for Xservers files
on your system. If you use kdm, open /etc/kde3/kdm/Xservers, and change
all the lines like this:
original:
:0 [EMAIL PROTECTED] /usr/X11R6/bin/X vt7
changed:
:0 [EMAIL PROTECTED] /usr/X11R6/bin/X -nolisten tcp vt7
> tcp 0 0 *:auth *:* LISTEN
Some identd, like oidentd or pidentd. Probably run from inetd, and
pretty harmless. You may need this one for some IRC networks. If you
don't need it, deinstall it.
> tcp 0 0 *:ssh *:* LISTEN
Well, you should know what this is. You can configure ssh to listen only
to selected IPs, e.g. those of your LAN interface, if you want. Check
the sshd_config man page.
> tcp 0 0 *:ipp *:* LISTEN
Probably Cups printing. If you only use the printer on the computer Cups
runs on, open /etc/cups/cupsd.conf, replace "Port 631" by
"Listen 127.0.0.1:631" and restart Cups.
> udp 0 0 *:ipp *:*
Again Cups, this time browsing for network printers. If you don't need
this, change "Browsing On" to "Browsing Off" in /etc/cups/cupsd.conf.
best regards
Andreas Janssen
--
Andreas Janssen <[EMAIL PROTECTED]>
PGP-Key-ID: 0xDC801674 ICQ #17079270
Registered Linux User #267976
http://www.andreas-janssen.de/debian-tipps.html
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
