LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   how to close open ports (https://www.linuxquestions.org/questions/linux-networking-3/how-to-close-open-ports-77548/)

mayagenesis 07-31-2003 12:27 AM
how to close open ports
 
Can somebody help me with closing down ports. I used nmap localhost to find the open ports and this is the result.

Starting nmap V. 3.00 ( )
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1598 ports scanned but not shown below are in state: closed)
Port State Service
111/tcp open sunrpc
631/tcp open ipp
6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1 second

---------------------------------

well I went to services and stopped the services but the next time I restart, the services are back again. Anyone has idea what is going on and what I need to do.

Thanks in Advance.

gabriele_101 07-31-2003 12:47 AM
There are a number of things that you can do, but they depend largely on what installation and version of Linux you are using.

Furthermore, if you ran nmap from your machine, there is no guarntee that those ports are open to connections not originated from localhost, so it is possible (albeit unlikely) that no can connect to some of those ports unless they are already on your machine. For example, I get different results if I run "nmap localhost" vs "nmap my.host.name.org" from another machine, but I have a physical firewall inbetween.

As for stopping the services: if you want them not to restart at boot-up or when changing init levels (if you do that) you'll have to edit the runlevel services. Again, if you want to do this using a GUI, you'll need to let us know which distribution of Linux you are using.

Additionally, I would suggest if at all possible, to set up a firewall like ipchains to run on your system. It's probably already there. If you can, I strongly recommend installing webmin so that you can easily manage this sort of stuff with a web-based GUI.

Lastly, if you want to try a quick fix, tryediting /etc/host.deny, make sure that there is only one uncommented line like so:

ALL : ALL

Then make sure that there are no uncommented lines in /etc/hosts.allow

On some systems, this will effectively turn off all ports. But it's not the best way to do it, especially if it's the only precaution you take.

-G


All times are GMT -5. The time now is 03:47 AM.