Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
SuSE uses the Redhat chkconfig utility to control what services are on or off.
To see what services you have on:
chkconfig --list | grep on
To turn a service off:
chkconfig servicename off
where servicename is the name of a service listed in the chkconfig output
portmap = sunrpc
cups = ipp
postfix = smtp
After a reboot, the changes in chkconfig will be applied. If you don't want to reboot, you can shut the various services off manually, like:
/sbin/portmap stop
You won't be able to shut off X11 unless you don't have X windows running or if you use the -- nolisten-tcp option. Easiest way is to just firewall X. If you're already behind a firewall then that's not ideal, but still reasonably safe.
Hope that helps.
Last edited by Capt_Caveman; 01-19-2004 at 02:28 PM.
I just started using SuSE and it took me a while to figure where to put the -nolisten tcp option. It seems everyone knows what the command was but couldn't tell me the correct place to put it.
Well if your running KDE - /etc/opt/kde3/share/config/kdm/ copy the Xservers file to Xservers.back then vi on the Xservers file and edit the following line.
:0 local /usr/X11R6/bin/X vt7
change it to look like the line below.
:0 local /usr/X11R6/bin/X vt7 -nolisten tcp
Now when you restart it will be gone.
As for Gnome I'm not sure if it's the same maybe somebody (or you) will post back what it is for Gnome. (I don't currently have it loaded.)
I do have to say I'm very dissapointed that there's no SUSE forums anywhere ... well the only one I could find was in german. I hope that Novell/Suse brings back the forum that now seems dead.
I think that the future of Novell 7.0 on the backend and Suse on the desktop could provide some very good setups for school systems that are looking to save money and are already a Novell shop. IMHO.
PS. Just FYI. Redhat didn't create chkconfig (and man I was pissed when the arguments I learned in redhat didn't work in SuSE ie. using the --levels options (which is nice).) It was created for IRIX and then later redone via RedHat and given additional arguments etc. However the chkconfig works in SuSE ... just not EXACTLY the same as redhats version.
Good luck.
Last edited by cycl3fr3ak; 01-20-2004 at 06:45 AM.
bootpc is your linux box's bootp client. It does network discovery stuff like grab its IP address and locate DNS server info. If you're using some kind of bootp or other dynamic IP assignment protocol, it should be on. If you have a static IP then you won't need it, but usually this is determined during your initial networking setup. Again if you're concerned about abuse, you can firewall it and only allow communication with your dhcp/bootp server.
Last edited by Capt_Caveman; 01-20-2004 at 07:34 AM.
That should let you know what's got the port open. Likely it's something that uses dnamic port assignment, because 32768 is usually one of the first dynamic ports opened (see here for details).
32768+ nice Capt_Caveman - I see why you're a moderator. Isn't a bit annoying what it takes to hold off these idiots that insist on *haking* (sic) All at once I get tired of it, but I still will never give up the good fight!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.