LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-19-2003, 06:38 PM   #1
pottsie
LQ Newbie
 
Registered: Apr 2003
Posts: 2

Rep: Reputation: 0
port 6000


hi folks,

i am fairly new to linux and need to find out about the "X" windows listening on port 6000. i have spent some time trying to harden my system and was disappointed when i went to a web site to find out that my system is only 44% secure.

after running the netstat command as root, i found that my system was listening on port 6000 and i would like to know, from any guru's out there, how i can close, or stealth, this port....????

nothing too technical please....i am still in the very beginnings of learning.

many thanks in advance.

pottsie
 
Old 04-19-2003, 07:20 PM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,780
Blog Entries: 1

Rep: Reputation: 412Reputation: 412Reputation: 412Reputation: 412Reputation: 412
Check out Jetblackz web site. He has a great section on how to harden your linux box including how to shut down unneeded services.
 
Old 04-19-2003, 10:02 PM   #3
bulliver
Senior Member
 
Registered: Nov 2002
Location: Edmonton AB, Canada
Distribution: Gentoo x86; Gentoo PPC; Gentoo Sparc64; FreeBSD; OS X; Solaris
Posts: 3,731
Blog Entries: 4

Rep: Reputation: 66
Do a search on this site for "-nolisten tcp" and you will find many threads that answer this question.
 
Old 04-21-2003, 12:51 AM   #4
Robert0380
Guru
 
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280

Rep: Reputation: 47
iptables -p tcp -dport 6000 DROP
iptables -p udp -dport 6000 DROP
iptables -p icmp -dport 6000 dROP

there may be a 1-liner, but that will drop any attempt to connect to port 6000 on your machine from any host. if im wrong someone will correct me.

______________________________
HUKED ON FONIKS WERKED FOUR ME
 
Old 04-21-2003, 07:15 AM   #5
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,780
Blog Entries: 1

Rep: Reputation: 412Reputation: 412Reputation: 412Reputation: 412Reputation: 412
Closing down the port with iptables is a pefectly legit solution (although your syntax isn't quite right). And the one-liner would be

iptables -A INPUT -p ALL -i eth0 --dport 6000 -j DROP


However, if you never plan on using X remotely, why not shut it down? This has two advantages, First, if something goes wrong with the firewall, there is still no way to get in this way because nothing is listening to port 6000. Second, whatever resources are being used by X to listen to 6000 are freed.
 
Old 04-23-2003, 02:50 AM   #6
pottsie
LQ Newbie
 
Registered: Apr 2003
Posts: 2

Original Poster
Rep: Reputation: 0
shutting down port 6000...

thanks hangdog,

i might just shutdown this port. a great idea as i dont intend to use it. can you help me out and let me know how to shut it down???? excuse my ignorance, i am very new to linux.

thanks in advance.,
pottsie
 
Old 04-23-2003, 04:06 AM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,998
Blog Entries: 54

Rep: Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745
Quote:
Originally posted by bulliver
Do a search on this site for "-nolisten tcp" and you will find many threads that answer this question.
Pottsie, the answer above is the one you should start with, not the firewall script.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to close port 6000? WilliamS Slackware 12 03-02-2005 12:27 PM
help close port 6000 ronin4601 Linux - Newbie 6 04-23-2004 03:14 AM
Disable port 6000 hegrunt Linux - Software 4 09-08-2003 12:49 PM
Port 6000 sitrus Linux - Security 4 12-15-2001 03:25 AM
Port 6000 an xwindows saavik Linux - Networking 8 11-09-2001 12:08 PM


All times are GMT -5. The time now is 01:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration