A long time ago, in a galaxy far, far way, someone said...

> Andrew,
> 
> I also have proftpd running but it was _not_ called from inet.conf.  
> I added the line like you suggested.  I also confirmed I have tcp
> wrappers installed.  After that I nmap'd myself and I see a several
> listings that are not in the inet.conf..where can I turn these off?
> 
> 111/tcp       open    Sunrpc
> 113/tcp       open    auth  <--- need that one?
> 515/tcp       open    printer
> 6000/tcp      open    X11

'auth' typically isn't needed for operation - sometimes it actually slows
things down (turing 'auth' off drastically imporved the speed of my web
server!)  You should be able to stop it with "/etc/init.d/identd stop" as
root.

The 'printer' service is provided by /etc/init.d/lprng - it's run at
startup.  Ditto with sunrpc.  X11 is for remote access to your GUI display
system.

> Additionally, I noticed that smtp is not called like ftp is with the
> /usr/sbin/tcpd first, it's just called /usr/sbin/exim....does this
> mean that hosts.deny would not protect that port?

Likely not.

> (getting a little confused here)

System security can be very confusing.

-- 
----------------------------------------------------------------------
Phil Brutsche                               [EMAIL PROTECTED]

"There are two things that are infinite; Human stupidity and the
universe. And I'm not sure about the universe." - Albert Einstien

Reply via email to