Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Just for the record im real new to linux. Im running fedora 2 with apache not to sure what version, it was on installed with the os.
Im trying to close up ports. Right now 80 http, and 443 https, (assuming i need both for the webserver) , 21 ftp and 110 pop3, are open. Id like to close 21 and 110.
oh and im running a fire wall and have port 80 trusted.
so far i have tried the following to close 21:
Followign instruction from "Basic hardening" from linux exposed
i edited /etc/xinetd.d/tftp
and commented out the "service tftp"
i did a restart then did a scan from a local xp bawx and it still showed me 21 as open.
then i edited /etc/services
I commented out the ftp parts
restarted and did anouther scan from the same machine and got the same results
i edited /etc/vsfpd/vsftpd.conf
and commented out everything
restarted and scanned same results.
Im not to sure what to do now
Is there something im missing (obviously)
any help or literature would be much apreciated
oh and i have stopped all the services via system settings > serversettings > services
1) TFTP is not FTP, they're different (though related)
2) The /etc/services file is a list of ports; it doesn't control what's listening on your machine
3) Commenting stuff out in config files usually just resets to default behavior.
The answer to your question is to stop vsftpd from listening. There should be a ftp file in /etc/xinetd.d -- open that file and set disable to yes and restart xinetd. If vsftpd isn't actually started from xinetd, service vsftpd stop should do the trick and chkconfig vsftpd off to keep it from restarting on boot.
I tried all of what you said ans 2 ouit of three3 scanners find it open. One acts weird, first scan not matter what the tiemout doesnt find it, stop and restart the scan and it gets it.
and made the change
not sure if this is right
it was commented out when i got to it
when i tried to stop the service i got 'failed',
i then went to sys settings, server settings, services
i looked at vsftpd i started the service there.....said it was running,
tried to stop it and i got
'vsftpd dead but subsys locked'
I have no idea what that means
thanks for the info
Probably vsftpd left a lock file in /var/lock/subsys or some such similar place. When you do ps aux do you see any vsftpd processes?
Oh -- here's another hint that may help -- do:
netstat -tpan | grep LISTEN
as root -- it will show you all processes and process ids listening on ports. You can use this info to figure out what process to kill, but it might restart on reboot, so check what's starting up with chkconfig (see the man page for more info).