susefirewall leaves open ports??????

Thread: susefirewall leaves open ports??????

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Posts
    121

    Question susefirewall leaves open ports??????

    Ok, I have configured my susefirewall (I think correctly) and then did an nmap localhost: I have 5 open ports (ssh, x11, smtp, etc.)... how can that happen? In fact I am used to ZoneAlarm, where I was asked about every port which was about to open... now I don't get any messages... is it possible to configure (or to find another) firewall so as to ask me about everything? And how do I disable services (esp. X11 and smtp)?
    Also, when I have these ports open, does it mean I have them as server apps or as client ones?
    Is there any prog to automatically delete all cookies every time I finish my internet connection?

  2. #2
    Member
    Join Date
    May 2002
    Posts
    68
    It depends whether they are low well-known ports or not. If smtp is port 25, then you're running an email server. The firewall is letting these services through so they can be used. You need to go to your system services and stop the ones you don't want, then maybe try putting your firewall on high; it probably is defaulted to a moderate setting.
    find /home/$newbie -name *? | www.google.com 2>/dev/null

  3. #3
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    Where exactly should I go to stop the services I don't want? I conf the firewall manually, not automatically...
    Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
    Screw you guys I am going home!-Kartman

  4. #4
    Member
    Join Date
    May 2002
    Posts
    68
    WWW.GOOGLE.COM WWW.GOOGLE.COM WWW.GOOGLE.COM WWW.GOOGLE.COM

    Research first ask questions later. Even if you don't have access to the internet, it shouldn't be too hard to find it if you're using X, look around in the system settings/preferences, try apropos services from the command line.

    SPELLED OUT:

    search for: suse stop services - gives the answer in first 5 search results.

  5. #5
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    347
    If you want to disable your mail server, find it in xinetd.d or inetd, whatever you're using... And remove whatever entry you need to remove for it to stop at bootup... And delete the daemon itself, so that in the future it doesn't get activated again by accident... What I do on my system, since I boot in runlevel 3, when I get to the terminal, if I want to start X, I'll type
    startx -- -nolisten tcp
    then X will start without the port listening... Add alias startx='startx -- -nolisten tcp' to your $HOME/.profile for it to not listen next time you log in...
    But in case you want an smtp server listening, but you want to control the access levels, look into tcp wrappers, located in /etc/hosts.allow and /etc/hosts.deny... Hope I gave a helping hand...
    "Serenity is not the absence of conflict, but the ability to cope with it."

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Also, where did you do your scan from? If you did it from the machine with the firewall, and you allow the machine with the firewall, then that's why they could be showing up.

    If you did it from a remote machine that the rules are supposed to block... then you have to look at your rules and reconfigure.

    I believe in SuSE you can use yast2 and edit the runlevel properties of which services to start/stop. You have to know what runlevel you are booting to.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Easy, killer. No one can connect to those ports until you tell the firewall they can anyway. Open YAST and find run levels. It's towards the bottom on the left where you choose things in YAST... I can't remember offhand which setting it is, but when you see something called run levels, click on that. Then click on edit run level properties. 5 is the default and you should see SSHd and all the others running.

    ONLY DISABLE SSH, and the others you are SURE of. Some of those NEED to run for the system. You could have figured out it didn't allow you to connect by using another machine with putty or SSH and trying to connect. You have to tell the firewall to allow a service. If you don't, it will still show up, but not allow a connection to be made.

    Now, take a deep breath, and repeat after me 5 times:

    I will not doubt SuSE, the firewall SuSE firewall2, or gore, and I will remain calm when something seems like it's not working, and I will relax and ask gore for all my SuSe troubles, and if he is not sure, I will contact SuSE via Email and ask them. I will not flip over what I do not understand. gore owns me

    Feel better now? Good, relax man.

    For all users new to SuSE Linux:

    SuSE Linux, being one of the best OSs in the entire world, is mainly controlled by YAST2, a tool that makes RHN look like Microsoft's notepad comparing to Vi. Also, you may also edit configuration files the Slackware way by hand. YAST2 makes moving to Linux a lot easier.

    I recommend you open YAST2 and look around. Look at everything. Don't play with things until you are sure of them, or want to learn in this way, but if you are afraid of screwing something up, just look and not touch. After you have YAST2 down, it's easy.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  8. #8
    Member
    Join Date
    Aug 2003
    Posts
    44
    Besides all this, nmap localhost is different from nmap <ip address of machine>.
    nmap localhost scans the 127.0.0.1 loopback interface.

    [Edit]
    nmap <ip address of machine> is what the outside world will see.
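
Added example (not part of the thread): posts #6 to #8 separate a service that is merely listening from one that is reachable from outside. The shell sketch below classifies listeners from `ss -ltn` output by bind address; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify listening TCP sockets by bind address.
# Input on stdin: output of `ss -ltn` (local address is column 4).
# Output: one "port address scope" line per listener.

classify_listeners() {
    awk '
    /LISTEN/ {
        n = split($4, parts, ":")
        port = parts[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        sub(/%.*/, "", addr)      # drop an interface suffix such as %lo
        if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1")
            scope = "loopback-only"       # seen by "nmap localhost" only
        else if (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::")
            scope = "all-interfaces"      # reachable unless the firewall filters it
        else
            scope = "single-address"
        print port, addr, scope
    }'
}

# Ports that a scan of the machine's real IP address could reach,
# so these are the ones the firewall rules have to cover.
exposed_ports() {
    classify_listeners | awk '$3 != "loopback-only" { print $1 }' \
        | sort -un | paste -s -d ' ' -
}

# Constructed sample of `ss -ltn` output (not taken from the thread).
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
LISTEN 0      128    0.0.0.0:6000       0.0.0.0:*
LISTEN 0      5      [::1]:631          [::]:*'

printf '%s\n' "$SAMPLE" | classify_listeners
echo "needs firewall coverage: $(printf '%s\n' "$SAMPLE" | exposed_ports)"
```

On a live system, run `ss -ltn | classify_listeners`, then confirm the result with a scan from a second machine, since only that shows what the firewall actually lets through.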

  9. #9
    Senior Member
    Join Date
    Dec 2003
    Posts
    121
    Thaaanks!Also:
    To:
    extremez: ok i know stfw
    gore:i repeated everything you said and now really feel better...
    to all:again thanks
    Did I thank you?
    Thank you
    Byeeeeeeee
    PS:thanks
    Ps2:gore,should i follow everything you said???????Even the gore-owns-me-thing???????

  10. #10
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Originally posted here by tyfon
    Thaaanks!Also:
    To:
    extremez: ok i know stfw
    gore:i repeated everything you said and now really feel better...
    to all:again thanks
    Did I thank you?
    Thank you
    Byeeeeeeee
    PS:thanks
    Ps2:gore,should i follow everything you said???????Even the gore-owns-me-thing???????
    Yes! And send me all of your money too! Then you will truly be happy.
