geodo 11-18-2004 09:46 AM

Find open ports and close them

I am setting up a server running SuSE 9.1.
And I'm looking for a way to find out what ports are open and how I can close them.

Thanx a bunch!

b0uncer 11-18-2004 09:59 AM

one method is to put it on the net, run nmap or similar app from another machine (well, ought to work from the same machine too, but it doesn't hide those ports that are set to DROP all traffic, so it's not quite the same) to determine which ports are open and which closed. then the ports can be closed either by closing the services that are open on them, or then by a firewall like iptables if it's enabled in your kernel....probably is if it's a stock one

qwijibow 11-18-2004 10:43 AM

nmap is okay..... but you need a second machine to run the scan from, and it takes a few minutes....

most people just use 'netstat'

the only time you need nmap for your own machine is if you suspect that your machine may have been hacked and rooted.

b0uncer 11-18-2004 11:14 AM

I disagree on that. it's great also when you're setting up network security and want to test it..and that was the first app that came to my mind :)

qwijibow 11-18-2004 11:25 AM

yeah, nmap is great... but if you don't have 2 computers... or you would rather get results instantly than have to wait a minute or 2... then netstat.

netstat will give the same results exactly (unless you are hacked and rooted)

JaseP 11-18-2004 12:20 PM

To find your open ports, do a Shields UP scan.

The easy way to close them is to use SuSE Firewall 2 to close the open ports...

qwijibow 11-18-2004 05:57 PM

again, Shields UP scan will take at least 30 minutes to do a complete port scan....

why not do it properly !!! netstat !
there's the right way, and the slow way.

peacebwitchu 11-18-2004 09:33 PM

You don't need a second machine to run nmap. All you need to do is point nmap at your eth0 IP: "nmap eth0ip", eth0ip being your IP address; of course use your favorite flags. But I agree netstat -anp is better.
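An added example, not part of any post in this thread: a shell function that reads `netstat -anp` output and lists each listening TCP socket and unconnected UDP socket with its port, its owning PID/program, and whether it is bound only to loopback or to an address other hosts can reach. The sample output is constructed and the function name `listeners` is hypothetical.

```shell
#!/bin/sh
# Constructed sample of `netstat -anp` output (not captured from a real host).
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*          LISTEN      812/sshd
tcp        0      0 127.0.0.1:631     0.0.0.0:*          LISTEN      640/cupsd
tcp        0      0 0.0.0.0:111       0.0.0.0:*          LISTEN      530/portmap
tcp        0      0 192.168.1.10:22   192.168.1.5:51234  ESTABLISHED 1420/sshd
tcp6       0      0 :::80             :::*               LISTEN      901/httpd
udp        0      0 0.0.0.0:68        0.0.0.0:*                      455/dhcpcd
udp        0      0 127.0.0.1:323     0.0.0.0:*                      -'

# listeners (hypothetical helper): read netstat -anp output on stdin and print
#   <scope> <proto> <port> <pid/program>
# scope is "local" for loopback-only sockets, "exposed" for everything else.
listeners() {
  awk '
    { keep = 0; owner = "-" }
    # TCP: only sockets in LISTEN state accept new connections.
    $1 ~ /^tcp/ && $6 == "LISTEN" { keep = 1; if (NF >= 7) owner = $7 }
    # UDP has no State column; a foreign address ending in :* means unconnected.
    $1 ~ /^udp/ && $5 ~ /:\*$/    { keep = 1; if (NF >= 6) owner = $6 }
    !keep { next }
    {
      port = $4; sub(/.*:/, "", port)       # text after the last colon
      host = $4; sub(/:[^:]*$/, "", host)   # text before the last colon
      scope = (host ~ /^127\./ || host == "::1") ? "local" : "exposed"
      print scope, $1, port, owner
    }'
}

printf '%s\n' "$SAMPLE" | listeners
# On a live host, run as root so the PID/program column is filled in:
#   netstat -anp | listeners
```

Each `exposed` line names the program to stop or the port to filter with the firewall; `local` lines show up in netstat but are not reachable from another machine.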

