Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
11-18-2004, 10:46 AM
|
#1
|
LQ Newbie
Registered: May 2004
Posts: 12
Rep:
|
Find open ports and close them
Hi,
I am setting up a server running SuSE 9.1.
And I'm looking for a way to find out what ports are open and how I can close them.
Thanx a bunch!
|
|
|
11-18-2004, 10:59 AM
|
#2
|
LQ Guru
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131
Rep: 
|
one method is to put it on the net, run nmap or similar app from another machine (well, ought to work from the same machine too, but it doesn't hide those ports that are set to DROP all traffic, so it's not quite the same) to determine which ports are open and which closed. then the ports can be closed either by closing the services that are open on them, or then by a firewall like iptables if it's enabled in your kernel....probably is if it's a stock one
|
|
|
11-18-2004, 11:43 AM
|
#3
|
LQ Guru
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672
Rep:
|
nmap is okay..... but you need a second machine to run the scan from, and it takes a few minutes....
most people just use 'netstat'
the only time you need nmap for your own machine is if you suspect that your machine may have been hacked and rooted.
|
|
|
11-18-2004, 12:14 PM
|
#4
|
LQ Guru
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131
Rep: 
|
I disagree on that. it's great also when you're setting up network security and want to test it..and that was the first app that came to my mind 
|
|
|
11-18-2004, 12:25 PM
|
#5
|
LQ Guru
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672
Rep:
|
yeah, nmap is great... but if you dont have 2 computers,,, or youu would rather get results instantly than have to wait a minute or 2... then netstat.
netstat will give the same results exactly (unless you are hacked and rooted)
|
|
|
11-18-2004, 01:20 PM
|
#6
|
Senior Member
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802
Rep: 
|
To find your open ports, do a Shields UP scan.
https://grc.com/x/ne.dll?bh0bkyd2
The easy way to close them is to use SuSE Firewall 2 to close the open ports...
|
|
|
11-18-2004, 06:57 PM
|
#7
|
LQ Guru
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672
Rep:
|
again, shiuelds up scan will take atleast 30 minutes to do a complete port scan....
why not do it properly !!! netstat !
there's the right way, and the slow way.
|
|
|
11-18-2004, 10:33 PM
|
#8
|
Member
Registered: Apr 2004
Distribution: Debian
Posts: 185
Rep:
|
You don't need a second machine to run nmap. All you need to do is point nmap at your eth0 ip. "nmap eth0ip" eth0ip being your ip address, of course use your favorite flags.. But I agree netstat -anp is better.
Last edited by peacebwitchu; 11-18-2004 at 10:38 PM.
|
|
|
All times are GMT -5. The time now is 01:30 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|