[expert] closing ports

[aortiz]

I visited the self scan page and there are some ports open. how to close
ports? I tried closing them using firewall, nothing happened.  I have
used linuxconf to stop service using these ports, but they'r estill
open.  mandrake 7.1 had an application to close ports, but it's not
available in M 8.0, i want to close this ports, how to do it





Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Asheesh Laroia]

What ports in particular?

Some ports are controlled by a program called xinetd, a "superserver";
others are controlled by one specific program.

Example: SSH is controlled by the OpenSSH program, but telnet is part of
the xinetd superserver.

Try this command (as root):

netstat --listening --program

It should show you a list of what programs are listening on what port.  It
will give you names instead of numbers (i.e., "ssh" instead of "22").
Give it the --numeric option if you want numbers rather than names.

Please reply with the output of that command.  Unlike Windows, Linux
actually has reasons to have ports open - any Mandrake machine can be
logged into remotely (and securely) by using the SSH protocol, for
example.

Ask for more of an explanation if you need one.

-- Asheesh.

On Fri, 21 Sep 2001 [EMAIL PROTECTED] wrote:

> I visited the self scan page and there are some ports open. how to close
> ports? I tried closing them using firewall, nothing happened.  I have
> used linuxconf to stop service using these ports, but they'r estill
> open.  mandrake 7.1 had an application to close ports, but it's not
> available in M 8.0, i want to close this ports, how to do it




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[etharp]

On Friday 21 September 2001 17:12, you wrote:
> I visited the self scan page and there are some ports open. how to close
> ports? I tried closing them using firewall, nothing happened.  I have
> used linuxconf to stop service using these ports, but they'r estill
> open.  mandrake 7.1 had an application to close ports, but it's not
> available in M 8.0, i want to close this ports, how to do it


Content-Type: text/plain; charset="us-ascii"; name="message.footer"
Content-Transfer-Encoding: 8bit
Content-Description: 

as root, in a rext console, type "InteractiveBastille", without the quotes, 
noteing the caps



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[James Sparenberg]

All,
   Coming from the BSD world I can say that to "close" a port I would simply edit 
/etc/services and comment out (add a # sign) at the front of every line for a port and 
service I didn't need/want running.  Wouldn't this work the same in Linux?  If not, 
does anyone know why?

James

On Fri, 21 Sep 2001 17:49:38 -0400
etharp <[EMAIL PROTECTED]> wrote:

> On Friday 21 September 2001 17:12, you wrote:
> > I visited the self scan page and there are some ports open. how to close
> > ports? I tried closing them using firewall, nothing happened.  I have
> > used linuxconf to stop service using these ports, but they'r estill
> > open.  mandrake 7.1 had an application to close ports, but it's not
> > available in M 8.0, i want to close this ports, how to do it
> 
> 
> Content-Type: text/plain; charset="us-ascii"; name="message.footer"
> Content-Transfer-Encoding: 8bit
> Content-Description: 
> 
> as root, in a rext console, type "InteractiveBastille", without the quotes, 
> noteing the caps
> 
> 



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[cb]

What is the URL of the self-scan page, BTW?

On Fri 21 Sep at 14:12:56 -0700 [EMAIL PROTECTED] done said:
> I visited the self scan page and there are some ports open. how to close
> ports? I tried closing them using firewall, nothing happened.  I have
> used linuxconf to stop service using these ports, but they'r estill
> open.  mandrake 7.1 had an application to close ports, but it's not
> available in M 8.0, i want to close this ports, how to do it
> 
> 
> 

> Want to buy your Pack or Services from MandrakeSoft? 
> Go to http://www.mandrakestore.com


-- 
GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
If the American dream is for Americans only, it will remain our dream
and never be our destiny.
-- Ren'e de Visme Williamson



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 07:00 pm, you wrote:
> What is the URL of the self-scan page, BTW?

Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
distribution...

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[cb]

On Fri 21 Sep at 19:40:29 -0700 [EMAIL PROTECTED] done said:
> On September 21, 2001 07:00 pm, you wrote:
> > What is the URL of the self-scan page, BTW?
> 
> Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
> distribution...

I know about nmap.  When you're not on a linux box and you need this
sort of tool (god forbid) , it's nice to know where to find it.  Know 
what I'm sayin?
-- 
GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
The Poems, all three hundred of them, may be summed up in one of their phrases:
"Let our thoughts be correct".
-- Confucius



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 08:08 pm, you wrote:
> ahh ... scanning yourself from the same box is *almost* irrelevant!

LOL! Of course that isn't what I meant! Sorry, my silly assumption that 
everybody has at least two boxes and can ssh to some other one on the 
outside... How easy it is to forget what the world was like before computers 
become my world. ;-)

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[aortiz]

The self-scan port page i vsitedis the one on the linux-mandrake web
site  under demos - internet sharing - ip masquerading. if you follow
this demo, almost the very last page there is a link to the self scan
page.  that's teh one i used. for security reason i can tell you which
ports the self sacan page told were open.  tried using several ways to
close them (linuxconf, etc) there still open.

gory.org wrote:
> What is the URL of the self-scan page, BTW?
> 
> On Fri 21 Sep at 14:12:56 -0700 [EMAIL PROTECTED] done said:
> > I visited the self scan page and there are some ports open. how to close
> > ports? I tried closing them using firewall, nothing happened.  I have
> > used linuxconf to stop service using these ports, but they'r estill
> > open.  mandrake 7.1 had an application to close ports, but it's not
> > available in M 8.0, i want to close this ports, how to do it
> > 
> > 
> > 
> 
> > Want to buy your Pack or Services from MandrakeSoft? 
> > Go to http://www.mandrakestore.com
> 
> 
> -- 
> GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
> If the American dream is for Americans only, it will remain our dream
> and never be our destiny.
>   -- Ren'e de Visme Williamson
> 
> 
> =_1001124044-779-808
> Want to buy your Pack or Services from MandrakeSoft? 
> Go to http://www.mandrakestore.com




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Alexander Skwar]

So sprach »[EMAIL PROTECTED]« am 2001-09-21 um 19:00:00 -0700 :
> What is the URL of the self-scan page, BTW?

That's a good one:

http://whacker2.hackerwhacker.com:4000/startdemo.dyn?answer=network

Alexander Skwar
-- 
How to quote:   http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:   http://www.digitalprojects.com   |   http://www.iso-top.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
Uptime: 3 days 3 hours 41 minutes



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 03:40 am, you wrote:
>Coming from the BSD world I can say that to "close" a port I would
> simply edit /etc/services and comment out (add a # sign) at the front of
> every line for a port and service I didn't need/want running.  Wouldn't
> this work the same in Linux?  If not, does anyone know why?

That will work if you are using a super-daemon like inetd or xinetd. However, 
it won't close the ports that other servers are listening on.

If you have servers running that you only want localhost to have access to, 
try using iptables to block them. For instance, let's say you have mysql 
running and you don't want it visible on the network. Then do:

iptables -A INPUT -p tcp --dport 3306 -s ! 127.0.0.1 -j DROP

This says add (-A) to the INPUT table the rule that if a something arrives 
whose protocol (-p) is tcp and whose destination port (--dport) is 3306 and 
whose source (-s) IP is not (!) 127.0.0.1, then jump (-j) to the DROP table. 
Obviously, the DROP table drops the packet on the floor. 

-Eric


-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Bill Kenworthy]

ahh ... scanning yourself from the same box is *almost* irrelevant!  You
need to do it from another box, preferably outside firewalls, ISP's etc
to actually see what is exposed to the world, rather just *open* to
itself.  Whist free scans from grc.com and the like are windows biased,
they can at least confirm what your machine looks like to an outside
scanner as a confidence check.

BillK

On Sat, 2001-09-22 at 10:40, Eric Paynter wrote:
> On September 21, 2001 07:00 pm, you wrote:
> > What is the URL of the self-scan page, BTW?
> 
> Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
> distribution...
> 
> -Eric
> 
> -- 
> arctic bears - email and name services
> 25 email addresses@yourdomain CA$11.95/month
> DNS starting at CA$3.49/month - domains from CA$25.95/year
> for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com
> 
> 
> 

> Want to buy your Pack or Services from MandrakeSoft? 
> Go to http://www.mandrakestore.com





Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 08:02 pm, [EMAIL PROTECTED] wrote:
> I know about nmap.  When you're not on a linux box and you need this
> sort of tool (god forbid) , it's nice to know where to find it.  Know
> what I'm sayin?

Point taken...

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[aortiz]

well, actually, i want to close, not scan. i've already scanned my
system

On 21 Sep 2001 19:40:29 -0700, Eric Paynter wrote:
> On September 21, 2001 07:00 pm, you wrote:
> > What is the URL of the self-scan page, BTW?
> 
> Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
> distribution...
> 
> -Eric
> 
> -- 
> arctic bears - email and name services
> 25 email addresses@yourdomain CA$11.95/month
> DNS starting at CA$3.49/month - domains from CA$25.95/year
> for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com
> 
> 
> =_1001126504-779-816
> Want to buy your Pack or Services from MandrakeSoft? 
> Go to http://www.mandrakestore.com




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Gregor Maier]

This depends on your server. If the server tries to get the portnumber on which
to listen from the services file (get_servbyname) then this would work. But NOT
if the the server has a numeric port number in its config (like apache).

 
On 21-Sep-2001 James Sparenberg wrote:
> All,
>Coming from the BSD world I can say that to "close" a port I would simply
> edit /etc/services and comment out (add a # sign) at the front of every line
> for a port and service I didn't need/want running.  Wouldn't this work the
> same in Linux?  If not, does anyone know why?
> 
> James
> 
> On Fri, 21 Sep 2001 17:49:38 -0400
> etharp <[EMAIL PROTECTED]> wrote:
> 
>> On Friday 21 September 2001 17:12, you wrote:
>> > I visited the self scan page and there are some ports open. how to close
>> > ports? I tried closing them using firewall, nothing happened.  I have
>> > used linuxconf to stop service using these ports, but they'r estill
>> > open.  mandrake 7.1 had an application to close ports, but it's not
>> > available in M 8.0, i want to close this ports, how to do it
>> 
>> 
>> Content-Type: text/plain; charset="us-ascii"; name="message.footer"
>> Content-Transfer-Encoding: 8bit
>> Content-Description: 
>> 
>> as root, in a rext console, type "InteractiveBastille", without the quotes, 
>> noteing the caps
>> 
>> 
> 

--
E-Mail: Gregor Maier <[EMAIL PROTECTED]>
Date: 24-Sep-2001
Time: 08:46:00
--



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com