OMFG Please Help !!!

GloVe · 10-05-2003, 05:57 AM

i installed slack 9.1 couple of days agom and i scanned myself with Nmap, and i have the FINGER port open !!!! WTF how can that be???
and how can i close it???
thanks! it's very important!

ocularbob · 10-05-2003, 06:19 AM

you need to run a firewall. until you do everything is open

iptables tutorial

tobyl · 10-05-2003, 07:47 AM

So do you really need inetd at all?
If not, disable the blooming lot in etc/rc.d/rc.inet2
If you do, take a little trip to etc/inetd.conf, and remark out (#) what you don't want.

note:
# If you make changes to this file, either reboot your machine or send the
# inetd a HUP signal:
# Do a "ps x" as root and look up the pid of inetd. Then do a
# "kill -HUP <pid of inetd>".
# The inetd will re-read this file whenever it gets that signal.

or reboot if that is too much.

Dont forget, when you scan yourself, you are looking at the ports fron 'inside' any firewall you have running, so sort out your firewall and get your box scanned from 'outside', there are sites that will do this for you as I am sure you know.

tobyl

Tarts · 10-05-2003, 08:28 AM

GRC

You can scan your port's from the link above, what I did was scan all service port's. I think the site is cool because it show's a graphical picture of your port's as either being open, closed or stealth, it's called Shield's up.

sopiaz57 · 10-14-2003, 01:02 PM

You say disable the inetd alltogether, would you be able to use apache without inetd"?

MsMittens · 10-14-2003, 04:28 PM

Perhaps disabling finger would be the best option. Just open inetd.conf using your fav editor, find the line with finger and remark it out (using a # symbol). Then as mentioned above do the following (as root):

ps aux | grep inetd
kill -HUP <pid of inetd>

Should be resolved. You may want to look at the following file if you haven't seen it before: Thymus' Guide to Securing Slackware (Note: it's a PDF)