Re: [Solved] Re: how to close port 113 ident xinetd
On Sun, Aug 3, 2008 at 12:04 PM, Gregory Seidman [EMAIL PROTECTED] wrote: [...] xinetd uses separate configuration files for each of the services it provides (assuming your /etc/xinetd.conf has the line includedir /etc/xinetd.d per the Debian default). Part of the pidentd package is an xinetd config file that is placed in the /etc/xinetd.d directory. When you uninstalled pidentd that file was removed, but you still had to restart xinetd for it to reread its config (which no longer included the ident service). OK - that makes sense now. Thanks! -- Jimmy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: re: how to close port 113
Jude DaShiell wrote: Install and run arno-iptables-firewall and tell it your internet port like eth0 or ppp0 and leave the rest of the defaults alone. Port 113 will be closed once this is done since one of the defaults with arno-iptables-firewall is to first deny all ports then only open up those you specifically choose to open. In general my advice would be to make your system secure /without/ a firewall. I.e. do not run services that you do not need, and make the ones you /do/ need only accessible from the LAN, not from the outside world. Then, you can run a firewall as a double security. It is dangerous to rely on firewalls only for security because it so easy to make mistakes with them. Regards, Jan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [Solved] Re: how to close port 113 ident xinetd
On Sat, Aug 02, 2008 at 09:03:10PM -0400, Jimmy Wu wrote: On Sat, Aug 2, 2008 at 6:43 PM, Ansgar Burchardt [EMAIL PROTECTED] wrote: Hi, Jimmy Wu [EMAIL PROTECTED] writes: I tried doing an nmap scan on myself the other day and found that tcp port 113 was open. Nmap listed the service as ident. I am trying to remove this service since I don't think I need it, but I can't figure out how. I removed the package pidentd, after which nmap reported the port was still open, but changed its service description to auth?. Did you restart xinetd after removing pidentd? Regards, Ansgar Thank you - I restarted xinetd and the port seems to be closed now (at least according nmap and netstat). I guess since ident wasn't mentioned in xinetd.conf, I didn't think to restart it. xinetd uses separate configuration files for each of the services it provides (assuming your /etc/xinetd.conf has the line includedir /etc/xinetd.d per the Debian default). Part of the pidentd package is an xinetd config file that is placed in the /etc/xinetd.d directory. When you uninstalled pidentd that file was removed, but you still had to restart xinetd for it to reread its config (which no longer included the ident service). Thanks again to everyone who replied, Jimmy Wu --Greg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
re: how to close port 113
Install and run arno-iptables-firewall and tell it your internet port like eth0 or ppp0 and leave the rest of the defaults alone. Port 113 will be closed once this is done since one of the defaults with arno-iptables-firewall is to first deny all portsthen only open up those you specifically choose to open. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to close port 113 ident xinetd
Hi, Jimmy Wu [EMAIL PROTECTED] writes: I tried doing an nmap scan on myself the other day and found that tcp port 113 was open. Nmap listed the service as ident. I am trying to remove this service since I don't think I need it, but I can't figure out how. I removed the package pidentd, after which nmap reported the port was still open, but changed its service description to auth?. Did you restart xinetd after removing pidentd? Regards, Ansgar -- PGP: 1024D/595FAD19 739E 2D09 0969 BEA9 9797 B055 DDB0 2FF7 595F AD19 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to close port 113 ident xinetd
On 08/02/08 17:43, Ansgar Burchardt wrote: Hi, Jimmy Wu [EMAIL PROTECTED] writes: I tried doing an nmap scan on myself the other day and found that tcp port 113 was open. Nmap listed the service as ident. I am trying to remove this service since I don't think I need it, but I can't figure out how. I removed the package pidentd, after which nmap reported the port was still open, but changed its service description to auth?. Did you restart xinetd after removing pidentd? Since the superserver only activates processes on demand, does it really matter that xinetd was not restarted? -- Ron Johnson, Jr. Jefferson LA USA Scientists are people, too. IOW, they also crave power, money, respect, and influence, and they also fear for their jobs. Each can be a healthy motivator, but each has the ability to turn a good scientist into a bad one; and in some cases, they can turn a good scientist into a charlatan. http://thefutureofthings.com/book/3/the-bomb-that-never-was.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: how to close port 113 ident xinetd
On Sat, 2008-08-02 at 18:17 -0500, Ron Johnson wrote: On 08/02/08 17:43, Ansgar Burchardt wrote: Hi, Jimmy Wu [EMAIL PROTECTED] writes: I tried doing an nmap scan on myself the other day and found that tcp port 113 was open. Nmap listed the service as ident. I am trying to remove this service since I don't think I need it, but I can't figure out how. I removed the package pidentd, after which nmap reported the port was still open, but changed its service description to auth?. Did you restart xinetd after removing pidentd? Since the superserver only activates processes on demand, does it really matter that xinetd was not restarted? That's presumably the reason for the changed description from nmap - xinetd is still listening on the port, but can't find the program when it tries to start it. Removing the package has hopefully removed the relevant line from the config file (/etc/inetd.conf?), so xinetd won't listen on that port when it restarts. Richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
[Solved] Re: how to close port 113 ident xinetd
On Sat, Aug 2, 2008 at 6:43 PM, Ansgar Burchardt [EMAIL PROTECTED] wrote: Hi, Jimmy Wu [EMAIL PROTECTED] writes: I tried doing an nmap scan on myself the other day and found that tcp port 113 was open. Nmap listed the service as ident. I am trying to remove this service since I don't think I need it, but I can't figure out how. I removed the package pidentd, after which nmap reported the port was still open, but changed its service description to auth?. Did you restart xinetd after removing pidentd? Regards, Ansgar Thank you - I restarted xinetd and the port seems to be closed now (at least according nmap and netstat). I guess since ident wasn't mentioned in xinetd.conf, I didn't think to restart it. Thanks again to everyone who replied, -- Jimmy Wu Registered Linux User #454138 () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
