LinuxQuestions.org


crosswire 09-13-2004 03:33 PM

Can't get port 21 to close
 
Hello,
Just for the record, I'm real new to Linux. I'm running Fedora 2 with Apache, not too sure what version; it was installed with the OS.
I'm trying to close up ports. Right now 80 http and 443 https (assuming I need both for the webserver), 21 ftp and 110 pop3 are open. I'd like to close 21 and 110.
Oh, and I'm running a firewall and have port 80 trusted.
So far I have tried the following to close 21:

Following instructions from "Basic hardening" from linux exposed,
I edited /etc/xinetd.d/tftp
and commented out the "service tftp".
I did a restart, then did a scan from a local XP bawx and it still showed me 21 as open.

So

then I edited /etc/services

I commented out the ftp parts

restarted and did another scan from the same machine and got the same results

then...
I edited /etc/vsfpd/vsftpd.conf
and commented out everything

restarted and scanned, same results.

I'm not too sure what to do now

Is there something I'm missing (obviously)?

Any help or literature would be much appreciated

Oh, and I have stopped all the services via System Settings > Server Settings > Services

and it still shows open

All out of ideas for now..

btmiller 09-13-2004 03:43 PM

A couple of points:

1) TFTP is not FTP, they're different (though related)
2) The /etc/services file is a list of ports; it doesn't control what's listening on your machine
3) Commenting stuff out in config files usually just resets to default behavior.

The answer to your question is to stop vsftpd from listening. There should be a ftp file in /etc/xinetd.d -- open that file and set disable to yes and restart xinetd. If vsftpd isn't actually started from xinetd, service vsftpd stop should do the trick and chkconfig vsftpd off to keep it from restarting on boot.

Follow the same procedure with POP3.

crosswire 09-13-2004 08:30 PM

Hey
Thanks for the reply

I tried all of what you said and 2 out of three scanners find it open. One acts weird: the first scan, no matter what the timeout, doesn't find it; stop and restart the scan and it gets it.

I edited /etc/vsftpd/vsftpd.conf

and made the change
listen=no
Not sure if this is right;
it was commented out when I got to it.

When I tried to stop the service I got 'failed'.
I then went to System Settings, Server Settings, Services.
I looked at vsftpd and started the service there... it said it was running.
I tried to stop it and I got
'vsftpd dead but subsys locked'

I have no idea what that means.
Thanks for the info,
much help

btmiller 09-13-2004 11:56 PM

Probably vsftpd left a lock file in /var/lock/subsys or some such similar place. When you do ps aux do you see any vsftpd processes?

Oh -- here's another hint that may help -- do:

netstat -tpan | grep LISTEN

as root -- it will show you all processes and process ids listening on ports. You can use this info to figure out what process to kill, but it might restart on reboot, so check what's starting up with chkconfig (see the man page for more info).
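
An added example, not part of the thread or of btmiller's posts: the netstat check above and the earlier xinetd "disable" advice written as two shell functions. The allowed ports (80, 443), the function names and the sample netstat output are constructed for illustration.

```shell
# Added example: audit listening TCP ports against an allow-list.
# All sample data below is constructed, not taken from the thread.

# Read `netstat -tpan` output on stdin; print "port owner" for every LISTEN
# socket whose port is not among the allowed ports given as arguments.
unexpected_listeners() {
    awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)    # handles 0.0.0.0:21 and :::21
            if (!(port in ok)) print port, $7  # $7 is PID/Program name
        }'
}

# Print the name of every service file in an xinetd.d-style directory that is
# not switched off with "disable = yes" (a missing line counts as enabled).
xinetd_enabled() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$f" ||
            basename "$f"
    done
}

# Constructed sample of `netstat -tpan` output. A service started through
# xinetd shows xinetd itself as the owner of the listening socket.
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address   Foreign Address  State       PID/Program name
tcp        0      0 0.0.0.0:21      0.0.0.0:*        LISTEN      1432/xinetd
tcp        0      0 0.0.0.0:110     0.0.0.0:*        LISTEN      1432/xinetd
tcp        0      0 :::80           :::*             LISTEN      1501/httpd
tcp        0      0 :::443          :::*             LISTEN      1501/httpd
tcp        0      0 10.0.0.5:80     10.0.0.9:3312    ESTABLISHED 1510/httpd'

# On a live system, as root: netstat -tpan | unexpected_listeners 80 443
printf '%s\n' "$SAMPLE_NETSTAT" | unexpected_listeners 80 443
```

When the owner reported is xinetd, running xinetd_enabled /etc/xinetd.d lists the service files that still need disable = yes followed by an xinetd restart.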

crosswire 09-14-2004 06:17 PM

Hey, what's up

OK, I tried ps aux
nothing that looked like vsftpd or close to it

I did find vsftpd in /var/lock/subsys
Can I do anything with that?

When I did

netstat -tpan | grep listen

it showed me 80 and 443

then I did chkconfig --list

showed me a bunch of things, but vsftpd 1 through 6 off

Seems to me that it's off all over the place and still showing for some reason

lock file?

thanks

