>> I read something online, and wonder: >> 1] shall I close the port 123 > > Probably you should, unless you're providing ntp to some other hosts.s
I have disabled the ntp. Here is other two things: 1] about port 631, can I turn it off? since I only print very occasionally, I don't know the real purpose of cupsd; 2] I don't know why the dhclient occupy several ports to listen, and what's a little annoying is that seems my IP address barely changed even I reboot after one night. # netstat -nltup Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3288/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3776/exim4 tcp 0 0 127.0.0.1:2628 0.0.0.0:* LISTEN 3268/0 tcp6 0 0 ::1:631 :::* LISTEN 3288/cupsd tcp6 0 0 :::143 :::* LISTEN 2731/couriertcpd udp 0 0 0.0.0.0:68 0.0.0.0:* 3690/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 3396/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 3158/dhclient udp 0 0 0.0.0.0:47447 0.0.0.0:* 3396/dhclient udp 0 0 0.0.0.0:56026 0.0.0.0:* 3690/dhclient udp 0 0 0.0.0.0:57235 0.0.0.0:* 3158/dhclient udp6 0 0 :::21529 :::* 3158/dhclient udp6 0 0 :::56026 :::* 3396/dhclient udp6 0 0 :::27602 :::* 3690/dhclient > >> 2] disable ipv6 > > Is there something malfunctioning on this host? Or is there any service > that misbehaves with ipv6? I read something online earlier, "Currently there are no comfortable tools out which are able to check a system over network for IPv6 security issues. Neither Nessus nor any commercial security scanner is as far as I know able to scan IPv6 addresses." (from http://mirrors.deepspace6.net/Linux+IPv6-HOWTO/ipv6-security-auditing.html) > > Reco > > -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52e7559b.6050...@gmail.com