Re: [expert] closing ports

[Gregor Maier]

This depends on your server. If the server tries to get the portnumber on which
to listen from the services file (get_servbyname) then this would work. But NOT
if the the server has a numeric port number in its config (like apache).

 
On 21-Sep-2001 James Sparenberg wrote:
 All,
Coming from the BSD world I can say that to close a port I would simply
 edit /etc/services and comment out (add a # sign) at the front of every line
 for a port and service I didn't need/want running.  Wouldn't this work the
 same in Linux?  If not, does anyone know why?
 
 James
 
 On Fri, 21 Sep 2001 17:49:38 -0400
 etharp [EMAIL PROTECTED] wrote:
 
 On Friday 21 September 2001 17:12, you wrote:
  I visited the self scan page and there are some ports open. how to close
  ports? I tried closing them using firewall, nothing happened.  I have
  used linuxconf to stop service using these ports, but they'r estill
  open.  mandrake 7.1 had an application to close ports, but it's not
  available in M 8.0, i want to close this ports, how to do it
 
 
 Content-Type: text/plain; charset=us-ascii; name=message.footer
 Content-Transfer-Encoding: 8bit
 Content-Description: 
 
 as root, in a rext console, type InteractiveBastille, without the quotes, 
 noteing the caps
 
 
 

--
E-Mail: Gregor Maier [EMAIL PROTECTED]
Date: 24-Sep-2001
Time: 08:46:00
--



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[aortiz]

The self-scan port page i vsitedis the one on the linux-mandrake web
site  under demos - internet sharing - ip masquerading. if you follow
this demo, almost the very last page there is a link to the self scan
page.  that's teh one i used. for security reason i can tell you which
ports the self sacan page told were open.  tried using several ways to
close them (linuxconf, etc) there still open.

gory.org wrote:
 What is the URL of the self-scan page, BTW?
 
 On Fri 21 Sep at 14:12:56 -0700 [EMAIL PROTECTED] done said:
  I visited the self scan page and there are some ports open. how to close
  ports? I tried closing them using firewall, nothing happened.  I have
  used linuxconf to stop service using these ports, but they'r estill
  open.  mandrake 7.1 had an application to close ports, but it's not
  available in M 8.0, i want to close this ports, how to do it
  
  
  
 
  Want to buy your Pack or Services from MandrakeSoft? 
  Go to http://www.mandrakestore.com
 
 
 -- 
 GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
 If the American dream is for Americans only, it will remain our dream
 and never be our destiny.
   -- Ren'e de Visme Williamson
 
 
 =_1001124044-779-808
 Want to buy your Pack or Services from MandrakeSoft? 
 Go to http://www.mandrakestore.com




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Alexander Skwar]

So sprach »[EMAIL PROTECTED]« am 2001-09-21 um 19:00:00 -0700 :
 What is the URL of the self-scan page, BTW?

That's a good one:

http://whacker2.hackerwhacker.com:4000/startdemo.dyn?answer=network

Alexander Skwar
-- 
How to quote:   http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:   http://www.digitalprojects.com   |   http://www.iso-top.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
Uptime: 3 days 3 hours 41 minutes



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[aortiz]

well, actually, i want to close, not scan. i've already scanned my
system

On 21 Sep 2001 19:40:29 -0700, Eric Paynter wrote:
 On September 21, 2001 07:00 pm, you wrote:
  What is the URL of the self-scan page, BTW?
 
 Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
 distribution...
 
 -Eric
 
 -- 
 arctic bears - email and name services
 25 email addresses@yourdomain CA$11.95/month
 DNS starting at CA$3.49/month - domains from CA$25.95/year
 for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com
 
 
 =_1001126504-779-816
 Want to buy your Pack or Services from MandrakeSoft? 
 Go to http://www.mandrakestore.com




Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[etharp]

On Friday 21 September 2001 17:12, you wrote:
 I visited the self scan page and there are some ports open. how to close
 ports? I tried closing them using firewall, nothing happened.  I have
 used linuxconf to stop service using these ports, but they'r estill
 open.  mandrake 7.1 had an application to close ports, but it's not
 available in M 8.0, i want to close this ports, how to do it


Content-Type: text/plain; charset=us-ascii; name=message.footer
Content-Transfer-Encoding: 8bit
Content-Description: 

as root, in a rext console, type InteractiveBastille, without the quotes, 
noteing the caps



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[James Sparenberg]

All,
   Coming from the BSD world I can say that to close a port I would simply edit 
/etc/services and comment out (add a # sign) at the front of every line for a port and 
service I didn't need/want running.  Wouldn't this work the same in Linux?  If not, 
does anyone know why?

James

On Fri, 21 Sep 2001 17:49:38 -0400
etharp [EMAIL PROTECTED] wrote:

 On Friday 21 September 2001 17:12, you wrote:
  I visited the self scan page and there are some ports open. how to close
  ports? I tried closing them using firewall, nothing happened.  I have
  used linuxconf to stop service using these ports, but they'r estill
  open.  mandrake 7.1 had an application to close ports, but it's not
  available in M 8.0, i want to close this ports, how to do it
 
 
 Content-Type: text/plain; charset=us-ascii; name=message.footer
 Content-Transfer-Encoding: 8bit
 Content-Description: 
 
 as root, in a rext console, type InteractiveBastille, without the quotes, 
 noteing the caps
 
 



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[cb]

What is the URL of the self-scan page, BTW?

On Fri 21 Sep at 14:12:56 -0700 [EMAIL PROTECTED] done said:
 I visited the self scan page and there are some ports open. how to close
 ports? I tried closing them using firewall, nothing happened.  I have
 used linuxconf to stop service using these ports, but they'r estill
 open.  mandrake 7.1 had an application to close ports, but it's not
 available in M 8.0, i want to close this ports, how to do it
 
 
 

 Want to buy your Pack or Services from MandrakeSoft? 
 Go to http://www.mandrakestore.com


-- 
GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
If the American dream is for Americans only, it will remain our dream
and never be our destiny.
-- Ren'e de Visme Williamson



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 07:00 pm, you wrote:
 What is the URL of the self-scan page, BTW?

Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
distribution...

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[cb]

On Fri 21 Sep at 19:40:29 -0700 [EMAIL PROTECTED] done said:
 On September 21, 2001 07:00 pm, you wrote:
  What is the URL of the self-scan page, BTW?
 
 Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
 distribution...

I know about nmap.  When you're not on a linux box and you need this
sort of tool (god forbid) , it's nice to know where to find it.  Know 
what I'm sayin?
-- 
GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690  09E5 4C0F 9DB0 8623 53CE
The Poems, all three hundred of them, may be summed up in one of their phrases:
Let our thoughts be correct.
-- Confucius



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 08:08 pm, you wrote:
 ahh ... scanning yourself from the same box is *almost* irrelevant!

LOL! Of course that isn't what I meant! Sorry, my silly assumption that 
everybody has at least two boxes and can ssh to some other one on the 
outside... How easy it is to forget what the world was like before computers 
become my world. ;-)

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

[expert] closing ports

[aortiz]

I visited the self scan page and there are some ports open. how to close
ports? I tried closing them using firewall, nothing happened.  I have
used linuxconf to stop service using these ports, but they'r estill
open.  mandrake 7.1 had an application to close ports, but it's not
available in M 8.0, i want to close this ports, how to do it





Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 03:40 am, you wrote:
Coming from the BSD world I can say that to close a port I would
 simply edit /etc/services and comment out (add a # sign) at the front of
 every line for a port and service I didn't need/want running.  Wouldn't
 this work the same in Linux?  If not, does anyone know why?

That will work if you are using a super-daemon like inetd or xinetd. However, 
it won't close the ports that other servers are listening on.

If you have servers running that you only want localhost to have access to, 
try using iptables to block them. For instance, let's say you have mysql 
running and you don't want it visible on the network. Then do:

iptables -A INPUT -p tcp --dport 3306 -s ! 127.0.0.1 -j DROP

This says add (-A) to the INPUT table the rule that if a something arrives 
whose protocol (-p) is tcp and whose destination port (--dport) is 3306 and 
whose source (-s) IP is not (!) 127.0.0.1, then jump (-j) to the DROP table. 
Obviously, the DROP table drops the packet on the floor. 

-Eric


-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Bill Kenworthy]

ahh ... scanning yourself from the same box is *almost* irrelevant!  You
need to do it from another box, preferably outside firewalls, ISP's etc
to actually see what is exposed to the world, rather just *open* to
itself.  Whist free scans from grc.com and the like are windows biased,
they can at least confirm what your machine looks like to an outside
scanner as a confidence check.

BillK

On Sat, 2001-09-22 at 10:40, Eric Paynter wrote:
 On September 21, 2001 07:00 pm, you wrote:
  What is the URL of the self-scan page, BTW?
 
 Why not use nmap and nmapfe for scanning? It is available as an RPM in the 
 distribution...
 
 -Eric
 
 -- 
 arctic bears - email and name services
 25 email addresses@yourdomain CA$11.95/month
 DNS starting at CA$3.49/month - domains from CA$25.95/year
 for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com
 
 
 

 Want to buy your Pack or Services from MandrakeSoft? 
 Go to http://www.mandrakestore.com





Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Re: [expert] closing ports

[Eric Paynter]

On September 21, 2001 08:02 pm, [EMAIL PROTECTED] wrote:
 I know about nmap.  When you're not on a linux box and you need this
 sort of tool (god forbid) , it's nice to know where to find it.  Know
 what I'm sayin?

Point taken...

-Eric

-- 
arctic bears - email and name services
25 email addresses@yourdomain CA$11.95/month
DNS starting at CA$3.49/month - domains from CA$25.95/year
for details contact [EMAIL PROTECTED] or visit http://www.arcticbears.com



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com