LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 07-05-2003, 11:14 PM   #1
Synth218
Member
 
Registered: May 2003
Location: U S of A
Distribution: Slack 12.1
Posts: 83

Rep: Reputation: 15
How do i close my open ports???


Hey all im new to slack and im tyring to clsoe some of my open ports manly the ssh,ftp,and smtp ports it really leaves my system unsecure : ( and i dont wnat an unsecure system.
/*****************************************************************************
root@Blue:/home/Synth# nmap localhost

Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2003-07-05 12:13 PDT
Interesting ports on localhost (127.0.0.1):
(The 1634 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
37/tcp open time
79/tcp open finger
111/tcp open sunrpc
113/tcp open auth
515/tcp open printer
587/tcp open submission
6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1.683 seconds
*********************************************************************************/
as u can see i have way 2 many ports open how do i close them? thanx in advance
 
Old 07-05-2003, 11:22 PM   #2
Locura
Member
 
Registered: May 2003
Distribution: Ubuntu 6.10 SE, Mac OS 10.4.8
Posts: 370

Rep: Reputation: 30
Use a firewall program, or do research on iptables and learn to do it manually.
 
Old 07-05-2003, 11:31 PM   #3
Synth218
Member
 
Registered: May 2003
Location: U S of A
Distribution: Slack 12.1
Posts: 83

Original Poster
Rep: Reputation: 15
whats a good firewall program for slack? dons't it come with one ???
 
Old 07-06-2003, 12:19 AM   #4
SocialParasite
Member
 
Registered: Feb 2003
Distribution: Slackware 10
Posts: 38

Rep: Reputation: 15
Yeah, it's called iptables. Which you will have to learn.

Or you can try this one:

http://firestarter.sourceforge.net

It's a front-end for iptables configuration. Good luck.
 
Old 07-06-2003, 12:20 AM   #5
major.tom
Member
 
Registered: Jun 2003
Location: Canada
Distribution: Slackware (current); Gentoo (newbie)
Posts: 142

Rep: Reputation: 15
If you don't need these services (likely in most cases) you can also turn them off. Most of them can be changed via /etc/inetd.conf.

For more info, check out these links.

Disabling Daemons

Disabling misc tools

Cheers!

Garry

Last edited by major.tom; 07-06-2003 at 12:23 AM.
 
Old 07-06-2003, 12:46 AM   #6
Synth218
Member
 
Registered: May 2003
Location: U S of A
Distribution: Slack 12.1
Posts: 83

Original Poster
Rep: Reputation: 15
firestarter is for the gnome desktop and im running kde adn have completely uninstalled gnome all together. and on the webiste it says it should work on kde but i cant get it to install... so do u know any other good firewalls??? thanx in advance...
 
Old 07-06-2003, 12:49 AM   #7
DrOzz
Senior Member
 
Registered: May 2003
Location: Sydney, Nova Scotia, Canada
Distribution: slackware
Posts: 4,185

Rep: Reputation: 59
did you even attempt to just close them manually by editing your iptables, and then restarting the service?
 
Old 07-06-2003, 12:50 AM   #8
Synth218
Member
 
Registered: May 2003
Location: U S of A
Distribution: Slack 12.1
Posts: 83

Original Poster
Rep: Reputation: 15
i dont know how to edit the iptables and i dont know where the iptables woudl be located im a newbie to linux and Slack
 
Old 07-06-2003, 12:56 AM   #9
SocialParasite
Member
 
Registered: Feb 2003
Distribution: Slackware 10
Posts: 38

Rep: Reputation: 15
I hate to tell you this, but: you're going to have to just learn iptables. You can look into a program called tinyfirewall . . . I dunno. It was the one that came with Mandrake for a while. Really, you're just going to have to learn iptables at some time because all a linux "firewall" is, in the sense you're talking about, is either an iptables front-end or an iptables configuration script. Either way you're going to need to know what is going on before you mess with those. You can, as I've been learning, have a pretty front-end but at the end of the day you need to know what is going on behind the scenes to properly use it.

http://iptables-tutorial.frozentux.net

That has been a pretty good tutorial so far, albeit a bit heavy for a n00b. It's not exactly a quick read, but it's solid.

You can also follow the links given above to manually shut down the services that are running causing the open ports. You'll most likely need to edit /etc/rc.inet1 and /etc/rc.inet2.

*edit*

To steal from a previous thread of mine asking about firewalls:

A really basic script might be

iptables -F

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -p tcp --syn -j ACCEPT
iptables -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

That should only allow programs you start on that machine to access the internet and should keep out connections from the outside.

Last edited by SocialParasite; 07-06-2003 at 12:59 AM.
 
Old 07-06-2003, 06:25 AM   #10
Azmeen
Senior Member
 
Registered: May 2003
Location: Malaysia
Distribution: Slackware, LFS, CentOS
Posts: 1,307

Rep: Reputation: 46
An excellent iptables script I found here by marcus...

Click Here.

You may need to change certain variables and settings to accomodate to your needs.
 
Old 07-06-2003, 02:31 PM   #11
SocialParasite
Member
 
Registered: Feb 2003
Distribution: Slackware 10
Posts: 38

Rep: Reputation: 15
I just tested the iptables script thinger that I put in my last post: it needs some serious tweaking. Unless you like being unable to browse.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do I close open ports ??? apache Linux - Security 2 07-20-2004 07:44 PM
Which ports should I keep open and which close?? apache Linux - Security 3 07-19-2004 08:31 AM
how to close open ports mayagenesis Linux - Networking 1 07-31-2003 12:47 AM
open ports... how do i close them? prodigius Linux - Security 3 01-18-2002 08:35 AM
how to close open ports zyan Linux - Security 3 08-04-2001 08:11 PM


All times are GMT -5. The time now is 07:16 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration