Thread: Closing ports on Linux box?

  1. #1
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699

    Closing ports on Linux box?

    Hi guys

    I did an nmap on my RedHat 7.3 box last night and found a few ports to be open.

    I'm at work at the minute so not sure of the port numbers, but here's some of the services I have running on those ports:

    smtp
    sunrpc
    kdm
    listen
    X11

    I'm still a newbie on Linux so I'm not sure what ports to close and how to do this manually!
    I'm still in the process of fixing my kernel, so I'm unable to install a firewall, either by compiling or installing the rpm, so any help would be great!

    Any other info yous may need, that I've forgotten to add, to help me, just ask.

    Cheers

    r3b00+

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    Create a bash script that shuts the open ports with iptables when you run it (e.g.):

    touch firewall

    vi firewall

    ./iptables -A INPUT -p tcp --dport 111 -j REJECT

    and add lines like that for all the ports that are open, then chmod 700 firewall.

    You should also run a UDP scan on your box too, to see what's listening for UDP packets, and just close those ports the same way, except replace TCP with UDP. I will give you a file I used to create my iptables script if I see you in IRC or MSN tonight.

    EDIT: you should be in the /sbin directory, because that's where the iptables command is if it isn't in your default path.
    By the sacred **** of the sacred psychedelic tibetan yeti ....We'll smoke the chinese out
    The 20th century pharaohs have the slaves demanding work
    http://muaythaiscotland.com/

  3. #3
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699
    Good man prodikal!

    Thanks a lot

    Cheers

    r3b00+

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Find the process that's listening on a port using netstat -pant

    Then you can either shut down the appropriate service (assuming you don't need it) or reconfigure it to not listen on tcp any more.

    X11 and kdm can both be configured not to listen on tcp ports (their usage locally will still work) and the others may be able to be shut down.

    My guess is that you don't need portmap running (unless you use nfs, in which case you should be behind a firewall anyway, right?) and probably don't need your smtp server running.

    You can disable services using whatever gui your distro uses for disabling services, or /sbin/chkconfig <servicename> off

    for example

    /sbin/chkconfig sendmail off

    might disable sendmail. See what services are installed using /sbin/chkconfig --list

    You might have a different mail server installed, in which case you'll have to disable it by whatever name it goes by.

    Note that chkconfig sendmail off does not shut the service down, just prevents it from starting up again on reboot. To shut it down use /etc/init.d/sendmail stop
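
Added example, not part of the original posts: a shell helper that turns the `netstat -pant` output suggested in post #4 into a short list of listening ports, marking each as loopback-only or exposed. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise LISTEN sockets from `netstat -pant` output.

# Reads netstat -pant output on stdin; prints "port scope program" per listener.
# scope is "local" for loopback-only binds and "exposed" for anything else.
listeners() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        addr = $4
        port = addr; sub(/^.*:/, "", port)       # text after the last colon
        host = addr; sub(/:[^:]*$/, "", host)    # text before the last colon
        scope = (host ~ /^127\./ || host == "::1") ? "local" : "exposed"
        prog = "unknown"                         # netstat shows "-" when not run as root
        if ($7 != "-" && $7 != "") {
            prog = $7; sub(/^[0-9]+\//, "", prog); sub(/:$/, "", prog)
        }
        print port, scope, prog
    }' | sort -n | uniq
}

# Prints only the program names behind exposed listeners: the candidates for
# `chkconfig <servicename> off` or for a loopback-only reconfiguration.
exposed_programs() {
    listeners | awk '$2 == "exposed" { print $3 }' | LC_ALL=C sort -u
}

# Constructed sample output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address    Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:111      0.0.0.0:*          LISTEN      512/portmap
tcp        0      0 0.0.0.0:6000     0.0.0.0:*          LISTEN      890/X
tcp        0      0 127.0.0.1:25     0.0.0.0:*          LISTEN      701/sendmail: accep
tcp        0      0 192.168.1.5:22   192.168.1.9:40022  ESTABLISHED 1203/sshd
EOF
}

# On a live box, as root: netstat -pant | listeners
sample_netstat | listeners
```

Re-run it after stopping or reconfiguring a service to confirm the port has left the "exposed" list.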

  5. #5
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699
    Thanks slarty, the help is appreciated.
    At work right now and going on a bender this weekend, so won't be able to try what prodikal and yourself suggested until Sunday at the earliest, so I'll give it a go then!

    Cheers

    r3b00+

  6. #6
    Junior Member
    Join Date
    Dec 2002
    Posts
    15
    Some of the ports are opened (and listened to) by the inetd daemon (for example: smtp, ftp, telnet, finger, ...).

    You can configure this daemon with /etc/inetd.conf
    Please note that you must restart the daemon in order to activate the changes: 'killall -HUP inetd'

    Greetings,
