LinuxQuestions.org
Old 10-09-2003, 02:05 PM   #1
ksgill
Senior Member
 
Registered: Apr 2003
Location: Toronto, Canada
Distribution: Ubuntu Jaunty (9.04)
Posts: 1,044

Rep: Reputation: 45
How do I close ports


nmap localhost gives me this:
Port State Service
22/tcp open ssh
25/tcp open smtp
111/tcp open sunrpc
505/tcp open mailbox-lm
631/tcp open ipp
6000/tcp open X11
I want to close certain ports, how do I go about doing that...
 
Old 10-09-2003, 02:09 PM   #2
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
What ports do you want to close? Each port represents a different service which is shut down in different ways.
 
Old 10-09-2003, 02:10 PM   #3
Nimoy
Member
 
Registered: Jun 2003
Location: Currently Denmark
Distribution: Ubuntu 11.10
Posts: 334

Rep: Reputation: 30
This article on hardening your Linux box should have some nice pointers for you. (Bastille for instance - mentioned in the article helps closing down services "venerabilities")

http://www.linuxexposed.com/modules....&mode=&order=0

Hope this addressed your problem!
 
Old 10-09-2003, 02:12 PM   #4
Nimoy
Member
 
Registered: Jun 2003
Location: Currently Denmark
Distribution: Ubuntu 11.10
Posts: 334

Rep: Reputation: 30
venerabilities :-)..... damn spellchecker!
 
Old 10-09-2003, 02:13 PM   #5
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199
22 = openssh - disable ssh if you want to close this.
25 = smtp - might have sendmail running, disable if you want to close
111 = sunrpc - mainly for remote protocol requests, nfs, etc. disable from xinetd or inet.conf if you want to close.
505 = not sure what this is, could be a particular app you're currently running.
631 = same as above
6000 = X - you can disable this broadcast by using the --no listen option when starting X.

Another option is to learn and set up iptables and such to set up your own firewall, etc.
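
Before disabling a service it helps to know whether its port is reachable from the network at all: nmap localhost scans over the loopback interface, so it lists services bound only to 127.0.0.1 alongside those bound to every interface. The script below is an added example, not part of the original posts; it classifies listeners from ss -H -tln output, and the sample lines and their bind addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): split listening TCP ports into
# "loopback" (reachable only from this machine) and "exposed" (bound to a
# wildcard or a real interface address, so reachable from the network).

# Constructed sample in the format printed by `ss -H -tln`. The ports match
# the nmap listing in the first post; the bind addresses are assumptions.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      100        127.0.0.1:25        0.0.0.0:*
LISTEN 0      128          0.0.0.0:111       0.0.0.0:*
LISTEN 0      128          0.0.0.0:505       0.0.0.0:*
LISTEN 0      5          127.0.0.1:631       0.0.0.0:*
LISTEN 0      128                *:6000            *:*
EOF
}

# Reads `ss -H -tln` lines on stdin, prints "<port> <scope>" sorted by port.
classify_listeners() {
    awk '
    $1 == "LISTEN" {
        local_addr = $4
        port = local_addr
        sub(/^.*:/, "", port)      # text after the last colon is the port
        addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "exposed"
        # A port may have several sockets (IPv4 and IPv6); one exposed
        # socket is enough to mark the whole port as exposed.
        if (!(port in seen) || scope == "exposed") seen[port] = scope
    }
    END { for (p in seen) print p, seen[p] }
    ' | sort -n
}

# Offline demonstration on the constructed sample.
# On a real host: ss -H -tln | classify_listeners
sample_ss_output | classify_listeners
```

Ports reported as exposed are the ones worth disabling or firewalling first; loopback-only listeners are not reachable from other machines.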
 
Old 10-09-2003, 02:22 PM   #6
Genesee
Member
 
Registered: Dec 2002
Distribution: Slackware
Posts: 927

Rep: Reputation: 30
Quote:
Originally posted by Nimoy
This article on hardening your Linux box should have some nice pointers for you. (Bastille for instance - mentioned in the article helps closing down services "venerabilities")

http://www.linuxexposed.com/modules....&mode=&order=0
nice article - thanks for posting link Nimoy

 
Old 10-09-2003, 03:05 PM   #7
ksgill
Senior Member
 
Registered: Apr 2003
Location: Toronto, Canada
Distribution: Ubuntu Jaunty (9.04)
Posts: 1,044

Original Poster
Rep: Reputation: 45
thanks guys
 
Old 10-09-2003, 04:01 PM   #8
Rick485
Member
 
Registered: Sep 2003
Location: Arizona
Distribution: Kubuntu 8.04
Posts: 202

Rep: Reputation: 30
I am no expert at this but have a few comments anyway. Red Hat 9 and many other distros come with an iptables firewall. With iptables it is possible to close a specific port to incoming traffic and yet leave it open to outgoing traffic if that is what you want to do. It is also possible to open a specific port on your network at home while closing it to other networks such as the internet.

I took a course last semester where we each had to change iptables settings from the command line in Red Hat 7.3. We only spent 2 hours doing that. It was only an introduction to the subject. I need to read up on that before I try that on my Red Hat 9 system at home. For now I have just been using the "Security Level Program" that is found in the system settings menu. I just chose "medium" security. I have not yet tried to control the ports in a more detailed custom way.

There are several web pages on the internet that will scan my computer's ports for me and tell me if any ports are open to hackers on the Internet. One such web page is this:

http://grc.com

When you go to the web page click on "Shields Up." It will check your ports for you. The web page is mainly for Windows users but I assume what it is checking would be valid for Linux too.

If you have a network with a Cisco router in it (or something similar) it is also possible to use extended access control lists to control what ports are open to whom in a way that seems to be very similar to iptables.
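
The two iptables behaviours described in the post above (inbound closed while outbound stays open, and a port open only to the home network) can be written as a small ruleset. This is an added example, not from the original posts; the LAN range 192.168.1.0/24, the choice of 631 as a LAN-only port and 22 as a public port, and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): emit an iptables-restore ruleset.
# Inbound traffic is dropped unless a rule accepts it; outbound is left open.

# Succeeds only for a decimal TCP port number in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset LAN_CIDR "LAN_ONLY_PORTS" "PUBLIC_PORTS"
# Port lists are space-separated; all values are validated before any output.
gen_ruleset() {
    lan=$1; lan_ports=$2; public_ports=$3
    for p in $lan_ports $public_ports; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"       # inbound: closed by default
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"    # outbound: open
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to connections this host started must be let back in.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for p in $lan_ports; do        # open to the home network only
        echo "-A INPUT -s $lan -p tcp --dport $p -j ACCEPT"
    done
    for p in $public_ports; do     # open to any source address
        echo "-A INPUT -p tcp --dport $p -j ACCEPT"
    done
    echo "COMMIT"
}

# Print the ruleset for the assumed layout: CUPS (631) for the LAN, SSH (22)
# for everyone. To load it (root required): gen_ruleset ... | iptables-restore
gen_ruleset 192.168.1.0/24 "631" "22"
```

When loading such a ruleset over an SSH session, keep the SSH port in the accepted list, since the default INPUT policy drops everything else.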
 
Old 10-09-2003, 07:42 PM   #9
michaelk
Moderator
 
Registered: Aug 2002
Posts: 11,988

Rep: Reputation: 753
port 631 is what cups runs on. CUPS is the print server.

I assume that 505 mailbox-lm has something to do with mail but have no clue.
 
Old 10-09-2003, 09:06 PM   #10
Rick485
Member
 
Registered: Sep 2003
Location: Arizona
Distribution: Kubuntu 8.04
Posts: 202

Rep: Reputation: 30
Below are two web pages that list most port numbers. Port 505 is not on the first list for some reason. On the first web page, if you click on the port number it will provide a little more info on what the port is normally used for. I am only familiar with what a few of the most common port numbers are used for.

http://www.iss.net/security_center/a...ts/default.htm
http://www.iana.org/assignments/port-numbers
 
  

