Having trouble closing ports in slackware, below is nmaps output.


Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-07-13 14:52 GMT
Interesting ports on *My Server*:
(The 1649 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
587/tcp open submission
631/tcp open ipp
660/tcp open mac-srvr-admin
672/tcp open unknown
678/tcp open unknown
3306/tcp open mysql
6000/tcp open X11

Apart from 22,80,111, i want all the other ports closed. Any help would be *GREATLY*appreciated.

There is no need to add a "pleeeeeeeaaaaase Help" in your subject, it won't help.

Slackware behavior is to open everything you have installed (dumb behavior I know). You have to turn off services by yourself.

First, take a look at /etc/inetd.conf . Comment every services you don't need (this probably mean everything).
Then take a look at /etc/rc.d/inet1 (or is it 2? I don't remember and I'm not on a slackware box right now). Again, comment every services that start that you don't want.
There is probably some more services started by other scripts in /etc/rc.d/, you might want to browse around and comment what you don't need.

Then, writing a firewall (read : iptables) script to make sure everything is tightly closed would probably be a good idea.

Also do

which startx
edit the file and add -nolisten tcp to remove the port 6000 on the serverargs

the go to /etc/rc.d and chmod 600 every server you don't want to run.

cd /etc/rc.d
chmod 644 rc.sendmail rc.samba rc.mysql

These are tho ones I now will shutdown some of those ports(25, 139, 445, 3306) the others i'm not sure. You could read what each rc.<script> does by viewing them: more /etc/rc.d/rc.<scriptname>.

Changing these service start scripts to be non executable will stop them from starting.