Guarddog leaves Cups port 631 open, how do I close it?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Guarddog leaves Cups port 631 open, how do I close it?
I installed Mepis Linux on a friend's computer the other day. It's Debian-based. It came with Guarddog which I configured. She's on a stand-alone computer using a cable broadband connection. No servers, she just needs a connection to the internet for surfing, receiving mail and minor downloading. She's using Cups for her local parallel port printer.
I blocked the IPP protocol in Guarddog but it still leaves the IPP port 631 open, according to the GRC ShieldsUP scan. She doesn't need remote Cups access. I don't want to disable Cups because she needs it to print. What can we do?
This is her first experience with Linux. She lives in a different city and anything you suggest, I'm going to have to talk her through it over the phone, so I hope the solution is simple. I feel really bad leaving her computer vulnerable like this. She asked me for Linux and I just didn't have much time to tweak it after installing.
Configure cupsd to run on localhost (grep Listen cupsd.conf). If paranoid (and why not?) additionally configure Iptables to only accept traffic for the IPP port from localhost. I don't know if Cups is compatible with libwrap, if it is, then you could additionally configure /etc/hosts.allow (you *did* "echo ALL: ALL > /etc/hosts.deny" anyway, right?).
>Configure cupsd to run on localhost (grep Listen cupsd.conf)
What will that command show or do? I tried the command here and don't have that file on my system. She's in New Mexico and has no experience with Linux, commandline or Vi. I'm in Arizona using Slackware, not Debian-based Mepis. I have to walk her through things over the phone and that's hard if I can't see what she sees. Is there a way she could open and edit the Cups file using Kwrite? Perhaps she could send me the file and I could see how to change it to make it run on localhost? I don't even know where the Cups file would be...
I can't configure her IPtables, and doubt if she can, either. I wouldn't know how even if I was there.
>you *did* "echo ALL: ALL > /etc/hosts.deny" anyway, right?
No, I didn't. I don't even know what that means or does. Can you please elucidate?
Getting the file from her would be good, unless some userfriendly tool (re)configured it for her. Wanna get prepared: D/L Debian's Cups package, unpack and peruse the contents. Conf should live around /etc/cups/ or so, the line by default being commented out, reads something like "# Listen 631". Make it read "Listen 127.0.0.1:631", send file, make her restart Cups.
Same drill for the firewall I guess, but let's do one thing at a time.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.