|
Nmapfe, open ports, and running services
Hello to all.
As I stated in a previous post, my knowledge of security-related topics is rather limited, so please excuse the ignorance. Back when I put Slackware on this box, I believe I turned on things like sshd and sendmail assuming I needed those to use mail and ssh (although the way I understand it now those are only if I'm hosting a mail server or allowing remote ssh logins to my machine). First I'd like to know how to turn those two off. Second, and what prompted my desire to do that... I found the utility nmapfe and ran it with the default options with root. It lists several open ports, and I just wanted to post that output here and see if anyone can give me any advice about what is normal and I shouldn't worry about and if there is anything there that might be a security issue that needs to be taken care of. Thanks in advance. Here's the output: Code:
Interesting ports on localhost (127.0.0.1): |
Im not familiar with slackware so im not sure how to close these ports but im sure a search on google will help but as for the ports
22/tcp- ssh This an ssh server it lets you connect to the machine remotely via a terminal. Its pretty safe to leave open, but if your not using it shut it down 25/tcp open smtp Mail server this is for sending email again if not using shut it down 139/tcp open netbios-ssn shut it down 587/tcp open submission its for email shut it down 631/tcp open ipp internet printing protocal shut it down 6000/tcp open X11 it allows others to connect to your x server disable it. |
Thanks for the info. I can probably figure out how to turn off sendmail and ssh since they start at bootup, but the others I'll need some help on. Does anyone have any specifics as to how to disable any/all of these?
|
ssh at boot up disable ssh
smtp disable sendmail or postfix whichever you have netbios-ssn disable samba or any filesharing submission disable email like sendmail postfix qmail exim etc ipp disable cups or lpd X11 you have to edit the configuration file for this i believe Its either /usr/X11R6/bin/startx or where ever you X11R6 folder is it might be called XFree86Config instead of startx in there change the line that looks like serverargs and change it to this serverargs="-nolisten tcp" but then again you might want to search google for exactly where this file is or man xfree86 |
edit
"/usr/bin/X11/startx" and changing two lines to: defaultserverargs="-nolisten tcp" serverargs="-nolisten tcp" And then editing /etc/X11/wdm/Xservers and change the line to: local /usr/bin/X11/X -nolisten tcp but maybe there is a newer way, like newXgroup or so . :rolleyes: aehm wdm being your window manager. But don't complain if you aint have no gdm kinda thingy any more. :) |
init 3 control alt backspace :D
go console man. :p |
On a serious note in the old times xhost - did a lot in access control
|
on a serious note i think init 5 should not even be an option like the good old dos days. :)
|
It all went downhill when they tried to improve on my 300 Baud acoustic coupler. :D Internet pah :rolleyes: BBS is king :)
Just portscanned an illegal login attempter. ssh ONE on port 199 and one on 22 v2 Oracle enterprise Edition Business cracked system. All that for porn to load faster :D |
Thats right and if we had stayed there , 256K of ram would have been all we ever needed.
Rather than the now 768Megs i have and its still not enough |
LOL my ex boss thought a numeric keyboard was modern bull shit :D
|
And my first slackware on a 386 SX. 16 minutes boot time. Oh I really miss it. :jawa: Now I am outdated outclassed outnumbered. :(
|
I still remember the first time i installed redhat 5.2 on my 486 and got rooted in about 30 minutes with password being redhat of course. :)
|
Watching Levy-Shoemaker crashing into Jupiter on Mosaic and the ominous coffe maschine :o
|
Yet my father was feeding wee stencil cards and casette tapes into horrible big machines. :eek:
|
| All times are GMT -5. The time now is 12:35 AM. |