Hello Tong (<[EMAIL PROTECTED]>) wrote:
> I've just noticed that my debian testing open many ports by default: Some of them are opened by inetd. You can use "dpkg-reconfigure inetd", or edit /etc/inetd.conf and comment out the protocols you don't need. After that, restart inetd. > tcp 0 0 *:www *:* LISTEN This is a web server, maybe apache. It probably runs in standalone mode. If you don't need it, deinstall it. You can also bind it to some or several IPs like Cups or ssh. > tcp 0 0 *:x11-1 *:* LISTEN Check your login manager. Maby it opens a port. Look for Xservers files on your system. If you use kdm, open /etc/kde3/kdm/Xservers, and change all the lines like this: original: :0 [EMAIL PROTECTED] /usr/X11R6/bin/X vt7 changed: :0 [EMAIL PROTECTED] /usr/X11R6/bin/X -nolisten tcp vt7 > tcp 0 0 *:auth *:* LISTEN Some identd, like oidentd or pidentd. Probably run from inetd, and pretty harmless. You may need this one for some IRC networks. If you don't need it, deinstall it. > tcp 0 0 *:ssh *:* LISTEN Well, you should know what this is. You can configure ssh to listen only to selected IPs, e.g. those of your LAN interface, if you want. Check the sshd_config man page. > tcp 0 0 *:ipp *:* LISTEN Probably Cups printing. If you only use the printer on the computer Cups runs on, open /etc/cups/cupsd.conf, replace "Port 631" by "Listen 127.0.0.1:631" and restart Cups. > udp 0 0 *:ipp *:* Again Cups, this time browsing for network printers. If you don't need this, change "Browsing On" to "Browsing Off" in /etc/cups/cupsd.conf. best regards Andreas Janssen -- Andreas Janssen <[EMAIL PROTECTED]> PGP-Key-ID: 0xDC801674 ICQ #17079270 Registered Linux User #267976 http://www.andreas-janssen.de/debian-tipps.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]