Old 10-13-2009, 01:26 PM   #1
7mza
Member
 
Registered: May 2008
Location: Jordan
Distribution: use fedora but prefer Slackware
Posts: 98

understanding open port on localhost


Hi all. Sorry for the last thread about hacking, but someone told me he can access my PC over the internet and that's why I asked that question.
Anyway, when I tested for open ports on my localhost it gave me this:

[root@Hamzah-PC ~]# nmap -sS localhost

Starting Nmap 5.00 ( http://nmap.org ) at 2009-10-13 23:05 EEST
Interesting ports on localhost (127.0.0.1):
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
631/tcp open ipp
3306/tcp open mysql

I am not good enough with networking. Can someone explain to me what these ports mean, and how to open and close each one?
Also, what do you advise me to do to protect my PC?
 
Old 10-13-2009, 01:54 PM   #2
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,971

Hi 7mza,

As an example, the open port 22 means that the ssh daemon is listening on port 22 for incoming requests, which means that anybody can access your computer via ssh.

Look at the /etc/services file, which lists the services and the related ports. Also read "man services".

To close the port, stop the sshd daemon. How to do this depends on the distribution. Mostly something like /etc/init.d/sshd stop. The name of the directory where the scripts for the daemon programs reside may differ.

I think this will point you in the right direction to understand the other open ports.

Markus

Last edited by markush; 10-13-2009 at 01:55 PM.
 
Old 10-13-2009, 02:27 PM   #3
tommylovell
Member
 
Registered: Nov 2005
Distribution: Fedora, Redhat
Posts: 372

If you need or want to leave sshd up, then it would be the responsibility of a firewall to block access to the system where sshd is running. That firewall typically is a separate piece of network gear (like the firewall built into a home router).

If you have no external hardware firewall, then you probably should think about at least using the software firewall facilities built into some (most?) distributions. There is one built into Fedora by default. (Mine is off at home as my Linksys router gives me a false sense of security; others might argue that it is a misplaced false sense of security...)

Others could advise about config'ing the builtin firewall, but in the Fedora gui, you can go to system->administration->firewall to see how or if it is set up.
 
Old 10-13-2009, 06:30 PM   #4
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,287

You can also use the menu System->Admin->Services to turn off those services.
Note that you really need to run that nmap from the outside of your router to see what ports are being forwarded to your system from the internet.
If this is just a home pc with no other systems, you prob don't need them open.
OTOH, localhost (127.0.0.1) is how your machine talks to itself, try nmap against the (probably) 192.168.x.x address.
Use

ifconfig -a

to get the 192.168.x.x address.

You'll prob find almost no services running if this is a default install.

On localhost you almost definitely don't need ssh & rpcbind (used by nfs, nis).
Really you need to research each of those and see if you need them.
A simpler way is just to turn them off one at a time and see if anything breaks.
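
The localhost-versus-LAN point from the replies above, as an added example that is not part of the original thread: a scan of 127.0.0.1 also reports services bound only to loopback, so the address each daemon listens on matters more than the port list alone. The sketch below parses the Linux /proc/net/tcp format; the sample table is constructed (its bind addresses are assumptions, not data from the poster's machine), and `decode_addr`, `service_name` and `listeners` are names chosen for this illustration.

```python
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/tcp format; bind addresses are illustrative,
# not taken from the poster's machine.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004
   4: 00000000:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000    27        0 1005
   5: 0500A8C0:0016 0200A8C0:C350 01 00000000:00000000 02:000A0000 00000000     0        0 1006
"""

TCP_LISTEN = 0x0A  # socket state code for LISTEN in /proc/net/tcp


def decode_addr(field):
    """Turn '0100007F:0019' into ('127.0.0.1', 25); assumes a little-endian host (x86)."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def service_name(port):
    """Look the port up in /etc/services, as suggested earlier in the thread."""
    try:
        return socket.getservbyport(port, "tcp")
    except OSError:
        return "unknown"


def listeners(text):
    """Return sorted (port, bind_ip, scope) for every listening IPv4 TCP socket."""
    found = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_LISTEN:
            continue                            # established etc. are not open ports
        ip, port = decode_addr(fields[1])
        loopback = ipaddress.ip_address(ip).is_loopback
        found.append((port, ip, "loopback-only" if loopback else "network-facing"))
    return sorted(found)


if __name__ == "__main__":
    # On a real system, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for port, ip, scope in listeners(SAMPLE):
        print(f"{port:>5}/tcp  {service_name(port):<10} bound to {ip:<10} {scope}")
```

A "network-facing" result only means the socket is bound to a non-loopback address; whether it is reachable still depends on the firewall and router discussed in the thread. IPv6 listeners live in /proc/net/tcp6 and are not covered here.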
 
  

