Just for the record, I'm real new to Linux. I'm running Fedora 2 with Apache, not too sure what version; it was installed with the OS.
I'm trying to close up ports. Right now 80 http and 443 https (assuming I need both for the webserver), 21 ftp and 110 pop3 are open. I'd like to close 21 and 110.
Oh, and I'm running a firewall and have port 80 trusted.
So far I have tried the following to close 21:
Following instructions from "Basic hardening" from Linux Exposed,
I edited /etc/xinetd.d/tftp
and commented out the "service tftp".
I did a restart, then did a scan from a local XP bawx, and it still showed me 21 as open.
Then I edited /etc/services.
I commented out the ftp parts,
restarted and did another scan from the same machine, and got the same results.
I edited /etc/vsfpd/vsftpd.conf
and commented out everything,
restarted and scanned, same results.
I'm not too sure what to do now.
Is there something I'm missing (obviously)?
Any help or literature would be much appreciated.
Oh, and I have stopped all the services via System Settings > Server Settings > Services.
1) TFTP is not FTP, they're different (though related)
2) The /etc/services file is a list of ports; it doesn't control what's listening on your machine
3) Commenting stuff out in config files usually just resets to default behavior.
The answer to your question is to stop vsftpd from listening. There should be a ftp file in /etc/xinetd.d -- open that file and set disable to yes and restart xinetd. If vsftpd isn't actually started from xinetd, service vsftpd stop should do the trick and chkconfig vsftpd off to keep it from restarting on boot.
I tried all of what you said and 2 out of three scanners find it open. One acts weird: on the first scan, no matter what the timeout, it doesn't find it; stop and restart the scan and it gets it.
and made the change
not sure if this is right
it was commented out when I got to it
When I tried to stop the service I got 'failed'.
I then went to System Settings, Server Settings, Services.
I looked at vsftpd and started the service there... it said it was running.
I tried to stop it and I got
'vsftpd dead but subsys locked'
I have no idea what that means.
Thanks for the info.
Probably vsftpd left a lock file in /var/lock/subsys or some such similar place. When you do ps aux do you see any vsftpd processes?
Oh -- here's another hint that may help -- do:
netstat -tpan | grep LISTEN
as root -- it will show you all processes and process ids listening on ports. You can use this info to figure out what process to kill, but it might restart on reboot, so check what's starting up with chkconfig (see the man page for more info).
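The check suggested in the replies above, as an added example that is not part of the original thread: it reads `netstat -tpan` output, finds which process owns the unwanted ports, and picks the matching fix from the thread (xinetd file versus standalone service). The sample output is constructed, the function names are hypothetical, and the service name is assumed to equal the program name netstat reports.

```shell
#!/bin/sh
# Constructed sample of `netstat -tpan` output (not taken from the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:21        0.0.0.0:*          LISTEN      1843/xinetd
tcp        0      0 0.0.0.0:110       0.0.0.0:*          LISTEN      1843/xinetd
tcp        0      0 0.0.0.0:80        0.0.0.0:*          LISTEN      2011/httpd
tcp        0      0 :::443            :::*               LISTEN      2011/httpd
tcp        0      0 192.168.1.10:80   192.168.1.23:1402  ESTABLISHED 2011/httpd
EOF
}

# listeners PORT...: read netstat -tpan output on stdin and print
# "port pid program" for every LISTEN socket on one of the given ports.
listeners() {
  awk -v ports="$*" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $6 == "LISTEN" {
      port = $4; sub(/.*:/, "", port)   # drop the address, keep the port (also handles :::443)
      if (!(port in want)) next
      split($7, owner, "/")             # "1843/xinetd" -> pid and program
      key = port SUBSEP owner[1]
      if (!(key in seen)) { seen[key] = 1; print port, owner[1], owner[2] }
    }'
}

# advise: map each "port pid program" line to the fix given in the thread.
advise() {
  while read -r port pid prog; do
    case "$prog" in
      xinetd) echo "port $port: xinetd (pid $pid): set 'disable = yes' in the matching /etc/xinetd.d file, restart xinetd" ;;
      "")     echo "port $port: owner hidden; rerun netstat as root" ;;
      # Assumption: the init script is named after the program.
      *)      echo "port $port: $prog (pid $pid): service $prog stop; chkconfig $prog off" ;;
    esac
  done
}

sample_netstat | listeners 21 110 | advise
```

On a live system, replace `sample_netstat` with `netstat -tpan` run as root; without root the PID/Program column is `-` and the owner cannot be identified.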