LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 01-02-2004, 03:04 PM   #1
cyucuis
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Rep: Reputation: 0
Disable port 3128


My users are not able to send email to AOL accounts based AOL's new spam policy. The server information I'm receiving from AOL is based on an open port 3128 on my web server. I have edited my services file in /etc and added port 3128 based on IANA's listing of port 3128. Before I made the change to the services file I could connect to my web server address with port 3128. After rebooting my web server I'm not able to connect which is good. I get a "connection to host lost" message. I should be getting a "could not open connection to host on port 3128 connect failed"

Is there something else I should do? AOL tech's can't give me any more info.
 
Old 01-03-2004, 04:30 PM   #2
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
3128 is typically the proxy port for squid. Are you running squid? If yes, set the access list so that only clients on your internal network can connect or shut it down if it's not needed.
 
Old 01-05-2004, 08:58 AM   #3
cyucuis
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Ok - can you give me an example? I don't believe I'm using squid. How can I find out if I am?
 
Old 01-05-2004, 09:22 AM   #4
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
It would be a running process. Try the following:
ps -ef | grep squid
 
Old 01-05-2004, 09:43 AM   #5
cyucuis
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Ok, I see it running on my Unix SCO box but not my web server Linux box. If I try to telnet to my web server address with port 3128 I get a connection to host lost. I don't want to connect to port 3128. Well, I mean AOL is telling me I have port 3128 open.
 
Old 01-07-2004, 11:13 AM   #6
cyucuis
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
I have found out that I'm not using squid. I'm guessing I need to close the port using an ipchain. Can you give me an example of how to close port 3128 using an ipchain.
 
Old 01-08-2004, 02:51 PM   #7
cyucuis
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
!!!!!!Finally!!!!!! after further digging I have closed port 3128.

I have a Cobalt Qube 3 (Sun). I disabled web caching and that eliminated port 80 to being redirected to port 3128.

The standard Linux ipchains utility intercepts HTTP requests and redirects the requests to the squid program. Non-HTTP traffic is routed through the server appliance normally, without redirection.

Disabling the web caching service disabled the ipchains utility to redirect web traffic and disabled squid to cache the web traffic.

By default, port 3128 is open facing both the LAN and the Internet. Now my firewall is working correctly.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid - Connection refused on port 3128 Deep13 Linux - Software 12 12-02-2009 03:49 AM
How to disable a port, such as 21? iclinux Linux - Networking 2 01-10-2005 04:48 AM
Disable Port 80 dvong3 Linux - Security 2 09-19-2003 08:32 AM
Failed to start squid because port 3128 is in use Frankd Linux - Software 0 10-14-2002 02:36 PM
port forward 3128 to 80 dangel Linux - Networking 1 01-02-2002 01:56 PM


All times are GMT -5. The time now is 05:17 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration