On 10-Jul-2001 Arman Khalatyan wrote:
> Hallo!
> How to close some ports...
> I have Mandrake  7.2 with 2.4.1 kernel.
>#############################################################
> [arm2arm@icas> arm2arm]$ nmap localhost
> Starting nmap V. 2.53 by [EMAIL PROTECTED] ( www.insecure.org/nmap/ )
> Interesting ports on localhost.localdomain (127.0.0.1):
> (The 1514 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/tcp     open        ftp                     
> 23/tcp     open        telnet                  
> 25/tcp     open        smtp                    
> 110/tcp    open        pop-3                   
> 113/tcp    open        auth          <-- I want to close this one
> 443/tcp    open        https                   
> 513/tcp    open        login                   
> 1024/tcp   open        kdm      <-- I want to close this one
> 6000/tcp   open        X11        <-- I want to close this one
>##############################################################
> Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
> 
Port 6000 is needed if you want to use X-Window; probably the same with kdm, but
I don't know. If you do block them from machines other than yours you'll have
to set up some basic firewall rules.

What to do:
Run a "netstat -ap | grep LISTEN". This will show all ports which are open
(where the kernel listens for connections) and it will also show you which
process is listening there.
If the process is xinetd, this port is served by the super server. Go to the
/etc/xinetd.d directory and edit the matching file (should be called auth or
something alike). Add a line disable=yes to it and reload the xinetd server's
config files (/etc/init.d/xinetd reload).
If the owner is a different process, use linuxconf to disable this process
(system services part of linuxconf).

As I mentioned above, another possibility would be a firewall using iptables
(for 2.4 kernels) - have a look at netfilter.filewatcher.org for a HOWTO on
iptables and packet-filtering.
 
----------------------------------
E-Mail: Gregor Maier <[EMAIL PROTECTED]>
Date: 10-Jul-2001
Time: 10:28:34
----------------------------------
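
The procedure from the reply above, as an added example that is not part of the original message: it classifies each listener as xinetd-served or standalone, and flags services already set to disable = yes on disk that still listen because xinetd was not reloaded. The function names, the sample netstat lines and the service files are constructed for illustration; on a real host, run as root, the input would be `netstat -ap | audit /etc/xinetd.d`.

```shell
#!/bin/sh
# Constructed sample of `netstat -ap | grep LISTEN` output (not from the post).
sample_netstat() {
cat <<'EOF'
tcp        0      0 *:auth        *:*      LISTEN      612/xinetd
tcp        0      0 *:telnet      *:*      LISTEN      612/xinetd
tcp        0      0 *:x11         *:*      LISTEN      801/X
tcp        0      0 *:1024        *:*      LISTEN      790/kdm
EOF
}

# Print "service owner" for each LISTEN line on stdin
# (field 4 = local address, field 7 = PID/program).
listeners() {
    awk '$6 == "LISTEN" { n = split($4, a, ":"); split($7, p, "/"); print a[n], p[2] }'
}

# State of xinetd service $1 in config dir $2 (assumed layout: one file per
# service containing a "service <name>" line, as in /etc/xinetd.d).
xinetd_state() {
    f=$(grep -lE "^[[:space:]]*service[[:space:]]+$1([[:space:]]|\$)" "$2"/* 2>/dev/null | head -n 1)
    [ -n "$f" ] || { echo "no-file"; return 0; }
    # A commented-out "# disable = yes" must not count as disabled.
    if grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$f"; then
        echo "pending-reload"   # disabled on disk, yet the port still listens
    else
        echo "enabled"
    fi
}

# Classify every listener: xinetd-served (with config state) or standalone.
audit() {
    listeners | while read -r svc owner; do
        if [ "$owner" = "xinetd" ]; then
            echo "$svc xinetd $(xinetd_state "$svc" "$1")"
        else
            echo "$svc standalone $owner"
        fi
    done
}

# Demo against a throwaway directory of constructed service files.
demo() {
    d=$(mktemp -d)
    printf 'service auth\n{\n\tdisable = yes\n}\n' > "$d/auth"
    printf 'service telnet\n{\n\tdisable = no\n}\n' > "$d/telnet"
    sample_netstat | audit "$d"
    rm -rf "$d"
}
demo
```

A `pending-reload` result means the service file is already edited and only the `/etc/init.d/xinetd reload` step is outstanding; `standalone` entries are the ones to disable through the system services configuration or to filter with iptables.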
