-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I donno why your rpc is up. In your redhat 7 system (like as
*nix) you MUST edit your /etc/inetd.conf by hashing your non
desired services, like:
#ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
#telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
#this one and all r* must be erased or renamed!!
####login stream tcp nowait root /usr/sbin/tcpd in.rlogind
# this one I work to advertize me when a friend come on to
# knock on my pc at morning to stand me up by a beep :))
#comsat dgram udp wait root /usr/sbin/tcpd in.comsat
... all services don't have reasons to exist.
and start your supersever with #`/etc/rc.d/init.d/inet start`
or #`service inet start`
be carefull with your hub and some of windows device pluged
onto. Disconnect them or use an other interface for it.
If you have a lot of trouble with your computer now, run
this:
CS_NFSAFS='(nfs|afs|xfs|coda)'
CS_TYPES=' type (devpts|auto|proc|msdos|fat|vfat|iso9660|ncpfs|smbfs|'$CS_NFSAFS')'
CS_DEVS='^/dev/fd'
CS_DIRS='on /mnt'
FILTERS="$CS_TYPES|$CS_DEVS|$CS_DIRS"
DIR=`mount | grep -vE "$FILTERS" | cut -d ' ' -f3`
PRINT="%h/%f\n"
netstat -pvlA inet
nice --adjustment=+19 find ${DIR} -xdev -type f -perm +04000 -user root -printf
"${PRINT}"
nice --adjustment=+19 find ${DIR} -xdev -type f -perm +02000 -printf "${PRINT}"
nice --adjustment=+19 find ${DIR} -xdev -type f -perm -2 -printf "${PRINT}"
nice --adjustment=+19 find ${DIR} -xdev -nouser -printf "${PRINT}"
nice --adjustment=+19 find ${DIR} -xdev -nogroup -printf "${PRINT}"
and have a look on "bizarre" things
and so take care by running your computer component by
giving him the real path in the console. build another who
(whowatch is fine) and launch a bastille.pl on your pretty
penguin please.
gilles
°PS; sorry to respond you only now, your mail was go with a
.fetchmailrc on a wrong box :o/
Le Tue, Mar 20, 2001 at 01:25:07PM +0100,
Hans Scheffers ([EMAIL PROTECTED])
a écrit:
>
>
> Hi,
> I have done a out of the box install of redhat 7, this doesn't work anymore
> with inet.d but with xinetd.d
> When I look in the directory / config of xinetd.d, I have almost no services
> that I use, just ssh, ftp. smtp and pop
>
> When I do a portscan on the system with nmap I get the following result:
> nmap -sS localhost
>
> Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ )
> Interesting ports on localhost (127.0.0.1):
> (The 1501 ports scanned but not shown below are in state: closed)
> Port State Service
> 1/tcp open tcpmux
> 11/tcp open systat
> 15/tcp open netstat
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 79/tcp open finger
> 80/tcp open http
> 110/tcp open pop-3
> 111/tcp open sunrpc
> 113/tcp open auth
> 119/tcp open nntp
> 139/tcp open netbios-ssn
> 143/tcp open imap2
> 443/tcp open https
> 515/tcp open printer
> 540/tcp open uucp
> 635/tcp open unknown
> 995/tcp open pop3s
> 1080/tcp open socks
> 1524/tcp open ingreslock
> 2000/tcp open callbook
> 3128/tcp open squid-http
> 5432/tcp open postgres
> 6667/tcp open irc
> 12345/tcp open NetBus
> 12346/tcp open NetBus
> 31337/tcp open Elite
> 32771/tcp open sometimes-rpc5
> 32772/tcp open sometimes-rpc7
> 32773/tcp open sometimes-rpc9
> 32774/tcp open sometimes-rpc11
> 54320/tcp open bo2k
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds
>
> This is also when the services are commented out of /etc/services and the
> xinetd daemon is restarted. How can I put all these services off?
>
> greetz
- --
C'est quand on a raison qu'il est difficile de prouver
qu'on a pas tort. Pierre Dac
- --- gpg key:http://bermudos.free.fr/.key/pubring.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (GNU/Linux)
Comment: Pour information voir http://www.gnupg.org
iEYEARECAAYFAjq7FNAACgkQ79KAEZQ0U56BBACgqCf9xBvWCnYKz+5Bw+v+5ZPb
qz4An2joBotvh/Sp3ZsnCV2J0XD9mjmq
=TWZi
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
