Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
As I stated in a previous post, my knowledge of security-related topics is rather limited, so please excuse the ignorance. Back when I put Slackware on this box, I believe I turned on things like sshd and sendmail assuming I needed those to use mail and ssh (although the way I understand it now those are only if I'm hosting a mail server or allowing remote ssh logins to my machine). First I'd like to know how to turn those two off. Second, and what prompted my desire to do that... I found the utility nmapfe and ran it with the default options with root. It lists several open ports, and I just wanted to post that output here and see if anyone can give me any advice about what is normal and I shouldn't worry about and if there is anything there that might be a security issue that needs to be taken care of. Thanks in advance. Here's the output:
Code:
Interesting ports on localhost (127.0.0.1):
(The 1651 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
139/tcp open netbios-ssn
587/tcp open submission
631/tcp open ipp
6000/tcp open X11
Im not familiar with slackware so im not sure how to close these ports but im sure a search on google will help but as for the ports
22/tcp- ssh This an ssh server it lets you connect to the machine remotely via a terminal. Its pretty safe to leave open, but if your not using it shut it down
25/tcp open smtp Mail server this is for sending email again if not using shut it down
139/tcp open netbios-ssn shut it down
587/tcp open submission its for email shut it down
631/tcp open ipp internet printing protocal shut it down
6000/tcp open X11 it allows others to connect to your x server disable it.
Thanks for the info. I can probably figure out how to turn off sendmail and ssh since they start at bootup, but the others I'll need some help on. Does anyone have any specifics as to how to disable any/all of these?
ssh at boot up disable ssh
smtp disable sendmail or postfix whichever you have
netbios-ssn disable samba or any filesharing
submission disable email like sendmail postfix qmail exim etc
ipp disable cups or lpd
X11 you have to edit the configuration file for this i believe
Its either /usr/X11R6/bin/startx or where ever you X11R6 folder is it might be called XFree86Config instead of startx in there change the line that looks like
serverargs and change it to this
serverargs="-nolisten tcp"
but then again you might want to search google for exactly where this file is or man xfree86
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.