How do I close my open ports???
Hey all, I'm new to Slack and I'm trying to close some of my open ports, mainly the ssh, ftp, and smtp ports. It really leaves my system unsecure : ( and I don't want an unsecure system.
/*****************************************************************************
root@Blue:/home/Synth# nmap localhost

Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2003-07-05 12:13 PDT
Interesting ports on localhost (127.0.0.1):
(The 1634 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
22/tcp     open        ssh
25/tcp     open        smtp
37/tcp     open        time
79/tcp     open        finger
111/tcp    open        sunrpc
113/tcp    open        auth
515/tcp    open        printer
587/tcp    open        submission
6000/tcp   open        X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1.683 seconds
*********************************************************************************/
As you can see, I have way too many ports open. How do I close them? Thanks in advance. |
Use a firewall program, or do research on iptables and learn to do it manually.
|
What's a good firewall program for Slack? Doesn't it come with one???
|
Yeah, it's called iptables. Which you will have to learn.
Or you can try this one: http://firestarter.sourceforge.net It's a front-end for iptables configuration. Good luck. |
If you don't need these services (likely in most cases) you can also turn them off. Most of them can be changed via /etc/inetd.conf.
For more info, check out these links. Disabling Daemons Disabling misc tools Cheers! Garry |
Firestarter is for the GNOME desktop and I'm running KDE and have completely uninstalled GNOME altogether. And on the website it says it should work on KDE, but I can't get it to install... So do you know any other good firewalls??? Thanks in advance...
|
Did you even attempt to just close them manually by editing your iptables, and then restarting the service?
|
I don't know how to edit the iptables and I don't know where the iptables would be located. I'm a newbie to Linux and Slack.
|
I hate to tell you this, but: you're going to have to just learn iptables. You can look into a program called tinyfirewall . . . I dunno. It was the one that came with Mandrake for a while. Really, you're just going to have to learn iptables at some time because all a linux "firewall" is, in the sense you're talking about, is either an iptables front-end or an iptables configuration script. Either way you're going to need to know what is going on before you mess with those. You can, as I've been learning, have a pretty front-end but at the end of the day you need to know what is going on behind the scenes to properly use it.
http://iptables-tutorial.frozentux.net That has been a pretty good tutorial so far, albeit a bit heavy for a n00b. It's not exactly a quick read, but it's solid.
You can also follow the links given above to manually shut down the services that are running causing the open ports. You'll most likely need to edit /etc/rc.inet1 and /etc/rc.inet2.
*edit* To steal from a previous thread of mine asking about firewalls: A really basic script might be

iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -p tcp --syn -j ACCEPT
iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

That should only allow programs you start on that machine to access the internet and should keep out connections from the outside. |
An excellent iptables script I found here by marcus...
Click Here. You may need to change certain variables and settings to accommodate to your needs. |
I just tested the iptables script thinger that I put in my last post: it needs some serious tweaking. Unless you like being unable to browse.
|
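A tweaked version of the basic script from the posts above, as an added example (not code from any poster in this thread): it leaves out the `--syn -j ACCEPT` rule, which accepts every new inbound TCP connection, and it allows loopback and non-TCP outbound traffic so that DNS lookups, and therefore browsing, work. The `ipt` wrapper and the `APPLY` variable are names made up for this example; by default the rules are only printed.

```shell
#!/bin/sh
# Added example: stateful ruleset that refuses new inbound connections.
# Dry run by default (rules are printed). Run as root with APPLY=1 to load them.

# ipt: hypothetical wrapper for this example; prints or runs one iptables command.
ipt() {
    if [ "${APPLY:-0}" = 1 ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

firewall_rules() {
    # Start clean, then drop anything that is not explicitly allowed.
    ipt -F
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT DROP

    # Loopback: local programs talk to each other over 127.0.0.1.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT

    # Inbound: only replies to connections this machine opened itself.
    # With no rule accepting new inbound packets, connections from outside
    # to ftp, ssh, smtp and the other listeners fall through to the DROP policy.
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Outbound: any protocol rather than TCP only, so DNS over UDP gets out.
    ipt -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
}

firewall_rules
```

A scan of localhost travels over the loopback interface, which these rules allow, so the ports will still show as open from the machine itself; check the result with nmap from another host. The services keep listening behind the filter until they are turned off as described earlier in the thread.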