LinuxQuestions.org - How do I close open ports ???

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - How do I close open ports ??? (https://www.linuxquestions.org/questions/linux-security-4/how-do-i-close-open-ports-207282/)

How do I close open ports ???

Hello All,
I am using APF and iptables filrrtewall on different servers.On my local sever I use APF .
When I scanned my local server for open ports I found the port 631 is open which is a tcp port using ipp service.
I have tried to close the port by adding the entries in deny_host file in apf directory as:
tcp:in:s=631:s=0.0.0.0
then i restarted the firewall as
apf -s
But still it is showing the port is open.
How can i close it?

Re: How do I close open ports ???

Quote:

Originally posted by apache
Hello All,
I am using APF and iptables filrrtewall on different servers.On my local sever I use APF .
When I scanned my local server for open ports I found the port 631 is open which is a tcp port using ipp service.
I have tried to close the port by adding the entries in deny_host file in apf directory as:
tcp:in:s=631:s=0.0.0.0
then i restarted the firewall as
apf -s
But still it is showing the port is open.
How can i close it?

That is CUPS and it is there waiting for a connection from your printer and unless you have opened it up to the whole world somehow ( eg. you went into the config file and set it up that way ) it is not really something to worry about.

Are you scanning the server from itself? CUPS uses the lo interface so it will pretty much always appear open locally. Try scanning from somewhere on the net, there are some good websites with java portscans out there.

If its still open globally then you could just block the port on eth0 but still accept connections from the lo interface, unless your using it as a print server, then it would be more complicated.