LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-10-2003, 10:47 PM   #1
Tigger
Member
 
Registered: May 2003
Posts: 168

Rep: Reputation: 30
help with tftp please


Help

I am using red hat 8 server hosting my own web and mail server.

I am also a linux newbie with lots of questions.

However, the one i will ask now is the following:

I ran Languard on my server and it is telling me that i have port 69 tftp open and to comment out tftp from /etc/inetd.conf file and then restart it.

The problem i face is this, i have edited the file and there is no tftp in it. The file has got nothing in it apart from one line i put in so that my windows 2000 workstation could access pop3 from the linux box.

My question is - where is languard getting this tftp port open from?

In the meantime i have put the following in my iptables to stop the port -

iptables -A INPUT -p udp --dport 69 -j DROP

Any ideas please?

thanks
 
Old 06-11-2003, 02:27 PM   #2
nxny
Member
 
Registered: May 2002
Location: AK - The last frontier.
Distribution: Red Hat 8.0, Slackware 8.1, Knoppix 3.7, Lunar 1.3, Sorcerer
Posts: 771

Rep: Reputation: 30
In /etc/xinetd.d/tftp change/add a line that says disable=yes. And then..
/sbin/service xinetd restart

inetd has been replaced by the more powerful and secure xinetd and hence the configuration files have changed.
 
Old 06-11-2003, 02:32 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,383
Blog Entries: 55

Rep: Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558
My question is - where is languard getting this tftp port open from?

TCP and UDP ports can be linked to services, the IANA maintains a list of those, on your box look in /etc/services. Scanners can use lists like that to look up which port belongs to which service. Nmap for instance comes with a list similar to /etc/services, but extended with several more ports. LAN-Guard does the same, look up a port in a list. This doesn't mean "tftp" is running on that port, but it is the port trivial ftp uses to run on.

To check if something is running on the port try "netstat -A inet -anp | grep ".*:69"". This would give you the name, process ID, protocols and port. If it returns no results, nothing is running on the port. Btw, Tftp uses both UDP and TCP port 69. If you want to avoid specifying all ports to block, see if a default policy of "drop" is more effective. Then you'll only have to specify the ports you need to use.
 
Old 06-11-2003, 05:37 PM   #4
Tigger
Member
 
Registered: May 2003
Posts: 168

Original Poster
Rep: Reputation: 30
thanks everyone, i will try these today and see how i go
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
tftp baparekh Linux - Networking 8 03-11-2005 07:50 AM
tftp baparekh Linux - Newbie 1 03-07-2005 02:51 PM
TFTP-Problem: TFTP timed out Bikerpete Linux - General 2 08-14-2003 05:25 AM
TFTP help!!! zhangyunyan Linux - Networking 3 12-05-2002 03:46 AM
TFTP not working bash Linux - Networking 1 07-28-2001 01:05 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:59 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration