How to stealth port #113 ?

johnm1957 · 06-04-2002, 07:19 PM

I know this is a much discussed topic but I am a newbie, and I need some help. I am running SuSE 8.0, with SuSE Firewall2. When I go to grc.com to test my ports, I get all ports are stealthed, but the ident port #113. Shields up says port #113 is closed, but not stealthed. Is this a problem? If it is how do I stealth this port like all the rest.
TIA, John

crashmeister · 06-04-2002, 07:31 PM

Forget all that crab - I use onlinescanners just for the fun of it.
Number of hosts which were alive during the test : 0
The last one told me that either the connection was dropped or I use a proxy or firewall that doesn't forward the packages.
I don't even have a firewall and never used a proxy and my connection was up, thank you.

neo77777 · 06-04-2002, 11:31 PM

try running nmap against your IP from another machine if yu have another one, refer to man nmap for options, the basic SYN stealth scan on all ports with TC&ICMP ping with OS detection would look like
nmap -sS -p 1- -O YOUR.IP.ADDRESS.HERE
Closed state means that the response from your machine was received but the port is closed, but in any case a sophisticated cracker may run DoS thru identd, disable it if you don't need it

crashmeister · 06-05-2002, 05:17 AM

Have a look at http://www.grcsucks.com

johnm1957 · 06-05-2002, 05:01 PM

neo 77777; Thanks for your advice, if I disable the ident port #113, how do I do that?. Remember I am a newbie.
TIA Hamster1

neo77777 · 06-05-2002, 10:25 PM

ok, SuSE? I believe the runlevel services are controled in Yast2, as soon as you get to it just uncheck inetd from the list, or if you have a KDE installed (doesn't mean you have it running though) and if you installed the admin packages for KDE, run as root
ksysv
it will give you a layout of all the running services, so if you disable inetd to start in runlevels 3 and 5 you're good to roll.