i am running redhat 7.2 enigma all services are in /etc/xinetd.d
i disabled all services that i could and still i can see all the services running. what do i so. before i do all that, can u please help me with the hosts.deny file since this server is the production mail server... i dont want anybody to access this except for pop3 access. and only from within the intranet (192.168.5.x) i want full access to this server........ i want to block all access from the outside world. of course, not fully blocked that even email stops entering. please tell me, what i should enter inmy hosts.conf file. Arvind ----- Original Message ----- From: "Suresh Ramasubramanian" <[EMAIL PROTECTED]> To: "Linux India" <[EMAIL PROTECTED]> Sent: Friday, May 03, 2002 2:08 PM Subject: [LIH] Re: could i have been hacked? > +++ Arvind [linux-india] <03/05/02 14:04 +0530>: > > i never opened all these services......... but i see them all with an nmap > > what do i do? > > shut them the hell down, what else? > > > Port State Service > > 21/tcp open ftp > > vi /etc/inetd.conf ... comment out the ftp line. > > > 22/tcp open ssh > > let it be. you will need it - and upgrade to the latest ssh > > > 23/tcp open telnet > > comment out from inetd > > > 25/tcp open smtp > > you need it i guess? this is your postfix here > > > 70/tcp open gopher > > get rid of it. > > > 80/tcp open http > > web > > > 110/tcp open pop-3 > > need it i guess > > > 111/tcp open sunrpc > > shut it off ... the services beginning with r in ntsysv. get rid of them > > > 113/tcp open auth > > this is identd > > > 119/tcp open nntp > > you running a news server? if not uninstall innd or whatever you have > > > 139/tcp open netbios-ssn > > samba. use ipchains to firewall it from the net > > > 515/tcp open printer > > cups or lpd i suppose > > > 587/tcp open submission > > sendmail > > > 1024/tcp open kdm > > why the hell do you want to run X on a production server? shut down X .. > > > 1521/tcp open ncube-lm > > wtf is this, beats me... > > > -- > Suresh Ramasubramanian <----> mallet <at> efn dot org > EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin > [Linux One Stanza Tip] From : <[EMAIL PROTECTED]> > LOST #092 -**< Sub : System Backup FAQ >**- > For a short FAQ on GNU/Linux system backup visit :- > http://kmself.home.netcom.com/Linux/FAQs/backups.html > > _______________________________________________________________ > > Have big pipes? SourceForge.net is looking for download mirrors. We supply > the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] > _______________________________________________ > linux-india-help mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/linux-india-help _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
