Re: [expert] Security warnings
"Bob Puff@NLE" wrote: > > > You DO have webmin running on 1. Unless you plan to do > > remote control, fire up netscape and > > > > http://127.0.0.1:1 > > > > login is root > > password is root's password > > > > Go to Webmin Configuration->IP Access control and tick "allow > > only from listed addresses" then type in 127.0.0.1 and any other > > addresses you care to access webmin from and SAVE. > > > > Then look around--you have one of the most powerful > > administration tools in your own control. Want to configure > > servers, stop processes, set up boot defaults, look at disk > > partitioning? It's all there and more. > > > > Civileme > > Hello, > > Yes, I am using Webmin - really nice tool! It is password-protected, so I'm not >that concerned at the moment. Is that all that the long text was trying to tell me, >or are there other ports open? > > Bob Yes, others are open, fairly standard ones. I'd tend to want to kill off wu-ftpd and make sure innd has the appropriate false setting for verifycancels in innd.conf. Civileme
Re: [expert] Security warnings
"Bob Puff@NLE" wrote: > > Hi Gang, > > I keep getting this in my mail and also in my logs. Is this normal? > > *** Diff Check, Wed Jul 5 04:01:57 EDT 2000 *** > > Security Warning: There is modifications for port listening on your machine : > - Opened ports : tcp0 0 *:www *:* > LISTEN 747/httpd > - Opened ports : tcp0 0 *:1 *:* > LISTEN 784/perl > - Opened ports : tcp0 0 *:smtp *:* > LISTEN 718/master > - Opened ports : tcp0 0 *:cfengine *:* > LISTEN 600/cfd > - Opened ports : tcp0 0 *:nntp *:* > LISTEN 587/inetd > - Opened ports : tcp0 0 *:pop3 *:* > LISTEN 587/inetd > - Opened ports : tcp0 0 *:telnet*:* > LISTEN 587/inetd > - Opened ports : tcp0 0 *:ftp *:* > LISTEN 587/inetd > - Opened ports : tcp0 0 *:sunrpc*:* > LISTEN 490/portmap > - Opened ports : udp0 0 *:1 *:* > 784/perl > - Opened ports : udp0 0 *:sunrpc*:* > 490/portmap > - Closed ports : tcp0 0 *:www *:* > LISTEN 30057/httpd > > - Closed ports : tcp0 0 *:1 *:* > LISTEN 825/perl > - Closed ports : tcp0 0 *:smtp *:* > LISTEN 748/master > - Closed ports : tcp0 0 *:cfengine *:* > LISTEN 630/cfd > - Closed ports : tcp0 0 *:nntp *:* > LISTEN 617/inetd > - Closed ports : tcp0 0 *:pop3 *:* > LISTEN 617/inetd > - Closed ports : tcp0 0 *:telnet*:* > LISTEN 617/inetd > - Closed ports : tcp0 0 *:ftp *:* > LISTEN 617/inetd > - Closed ports : tcp0 0 *:sunrpc*:* > LISTEN 520/portmap > - Closed ports : udp0 0 *:1 *:* > 825/perl > - Closed ports : udp0 0 *:sunrpc*:* > 520/portmap > > *** Security Check, Wed Jul 5 04:02:06 EDT 2000 *** > > Security Warning: World Writeable files found : > - /home/bob/http > - /tmp > - /tmp/.X11-unix > - /tmp/.X11-unix/X9 > - /tmp/.font-unix > - /tmp/.font-unix/fs-1 > - /var/lib/svgalib > - /var/lib/texmf > - /var/lib/texmf/ls-R > - /var/spool/fax/outgoing > - /var/spool/fax/outgoing/locks > - /var/spool/postfix/maildrop > - /var/spool/postfix/private/bounce > - /var/spool/postfix/private/bsmtp > - /var/spool/postfix/private/cleanup > - /var/spool/postfix/private/cyrus > - /var/spool/postfix/private/defer > - /var/spool/postfix/private/error > - /var/spool/postfix/private/ifmail > - /var/spool/postfix/private/local > - /var/spool/postfix/private/rewrite > - /var/spool/postfix/private/smtp > - /var/spool/postfix/private/uucp > - /var/spool/postfix/public/pickup > - /var/spool/postfix/public/qmgr > - /var/spool/postfix/public/showq > - /var/spool/samba > - /var/tmp > > These are the ports listening on your machine : > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State >PID/Program name > tcp0 0 *:www *:* LISTEN >747/httpd > tcp0 0 *:1 *:* LISTEN >784/perl > tcp0 0 *:smtp *:* LISTEN >718/master > tcp0 0 *:cfengine *:*