On 05/09/2015 01:25 PM, Bill wrote: > I'm still running wheezy but noticed a couple of open ports the other > day. This is just a simple laptop - no nfs access needed, no need for a > networked port mapper, and certainly not a dns server. > > So why are they there,
Well, Debian's policy for daemons generally is that if they are installed, they are enabled by default. > what uses them and why shouldn't I close them? > (I'm assuming there must be a good reason to have wide open ports.) >>># netstat -nplt > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN > 1904/rpcbind > tcp 0 0 0.0.0.0:51062 0.0.0.0:* LISTEN > 1935/rpc.statd rpc.statd will be started unless you set NEED_STATD=no in /etc/default/nfs-common. Since you said you don't use NFSv3, you can safely do that. rpcbind is started from /etc/init.d/rpcbind. If you don't use NFS or NIS at all, you don't need to have that running. To disable it under Wheezy, use: update-rc.d rpcbind disable After that, it won't be started anymore at boot. Christian -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/554df48d.9090...@iwakd.de