-   Linux - Security (
-   -   how do i close ports. (

KidTonz 12-17-2001 12:15 PM

how do i close ports.
installed Mandrake 8.1 in a server config. with internet connection sharing. using the default wizards.. scanned ports from a win95 client on the network and i have 139,80,21,25, how do i lock these down. any help will be greatly appreciated.


unSpawn 12-17-2001 01:46 PM

First of all disable all the services you don't need (dunno which tools Mandrake has for this).
If you aint serving webpages, disable Apache.
If you ain't serving ftp, turn off ftpd.
If you don't want people to use your server as a mailserver (eg, to send mail *to*) turn off sendmail.
If you ain't *providing* cross-platform sharing turn of samba and any "r" services like portmapper and the like.
Disable telnetd and fingerd anyway, identd may be needed by some mailservers.
For any of these you do use that are started from (x)inetd, you can use "TCP Wrappers" to allow/deny access to these services from /etc/hosts.(deny|allow) for a more fine-grained control who may access these.
Then add rules to your firewall config to block access and log attempts.

Get some basic understanding of security issues from the UNIX Security Checklist v2.0, same for Packet Filtering for Firewall Systems. Since Mandrake is based on Red Hat you might also like Securing and Optimizing Linux (RedHat Edition) or, more appropriate Securing Linux Mandrake, or more general (but a wee bit older) Elementary security for your Linux box.


JimKyle 12-17-2001 03:28 PM

Closing ports in Mandrake 8.1
Use the Mandrake Control Center (not the KDE control center) and click on the Services item of the menu (under the lowest icon). This gives you a list of all the services Mandrake knows about. You'll see whether they are running or stopped, and there's a persistent button beside "On boot" for each of them. If that button is pressed down, that service will run at boot time. Just click it to turn it off. Try this a time or two with any service to see how it works, then make sure that all of them you don't need are turned off. If you turn off one that was on, then click the Stop button for that service to stop it. If you're not sure of one, though, leave it on. 80 will be apached, 21 will be either proftpd or wu-ftpd, and 25 will be a mail daemon.

You can also configure the firewall from the MCC's Security icon, and I'd recommend that you do so. Two of my Win9x boxes got clobbered by the Chernobyl virus while I was installing because I didn't understand how to configure Samba, so now I'm paranoid about security!!!

KidTonz 12-18-2001 03:43 AM

thanx. all ports. stealth. hahehehe.


All times are GMT -5. The time now is 09:20 PM.