Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
01-18-2004, 07:02 PM
|
#1
|
|
Member
Registered: Jan 2004
Distribution: SME 6/SuSE9 x64
Posts: 30
Rep:
|
Listening SuSE 9 ports
Hi, I just installed SuSE 9 on x86-64 and ran netstat --proto=inet -l and got:
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
udp 0 0 *:32776 *:*
udp 888 0 *:bootpc *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:ipp *:*
Any advice on how to close these ports?
-uniQ
PS. I'm behind a router so somewhat safe, I just want to be most sure.
|
|
|
|
01-19-2004, 02:26 PM
|
#2
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
SuSE uses the Redhat chkconfig utility to control what services are on or off.
To see what services you have on:
chkconfig --list | grep on
To turn a service off:
chkconfig servicename off
where servicename is the name of a service listed in the chkconfig output
portmap = sunrpc
cups = ipp
postfix = smtp
After a reboot, the changes in chkconfig will be applied. If you don't want to reboot, you can shut the various services off manually, like:
/etc/init.d/portmap stop
You won't be able to shut off X11 unless you don't have X windows running or if you use the -nolisten tcp option. Easiest way is to just firewall X. If you're already behind a firewall then that's not ideal, but still reasonably safe.
Hope that helps.
Last edited by Capt_Caveman; 01-19-2004 at 02:28 PM.
|
|
|
|
01-19-2004, 08:29 PM
|
#3
|
|
Member
Registered: Jan 2004
Distribution: SME 6/SuSE9 x64
Posts: 30
Original Poster
Rep:
|
OK! Now it's down to:
tcp 0 0 *:x11 *:* LISTEN
udp 0 0 *:bootpc *:*
What is BootPC doing? What was that X11 option? How do I use it every time I start?
Thx,
-uniQ
|
|
|
|
01-20-2004, 06:39 AM
|
#4
|
|
LQ Newbie
Registered: Jan 2004
Distribution: SuSE 9.0
Posts: 3
Rep:
|
uniQ,
I just started using SuSE and it took me a while to figure where to put the -nolisten tcp option. It seems everyone knows what the command was but couldn't tell me the correct place to put it.
Well if you're running KDE - /etc/opt/kde3/share/config/kdm/ copy the Xservers file to Xservers.back then vi on the Xservers file and edit the following line.
:0 local /usr/X11R6/bin/X vt7
change it to look like the line below.
:0 local /usr/X11R6/bin/X vt7 -nolisten tcp
Now when you restart it will be gone.
As for Gnome I'm not sure if it's the same maybe somebody (or you) will post back what it is for Gnome. (I don't currently have it loaded.)
I do have to say I'm very disappointed that there's no SUSE forums anywhere ... well the only one I could find was in German. I hope that Novell/Suse brings back the forum that now seems dead.
I think that the future of Novell 7.0 on the backend and Suse on the desktop could provide some very good setups for school systems that are looking to save money and are already a Novell shop. IMHO.
PS. Just FYI. Redhat didn't create chkconfig (and man I was pissed when the arguments I learned in Redhat didn't work in SuSE, i.e. using the --levels options (which is nice).) It was created for IRIX and then later redone via RedHat and given additional arguments etc. However the chkconfig works in SuSE ... just not EXACTLY the same as Redhat's version.
Good luck.
Last edited by cycl3fr3ak; 01-20-2004 at 06:45 AM.
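The Xservers edit described in the post above, as an added example that is not part of the original post: a hypothetical helper, harden_xservers, makes the Xservers.back copy and appends -nolisten tcp only to local server lines that lack it, so it is safe to run twice. The demo works on a constructed temporary file rather than the real KDE path.

```shell
#!/bin/sh
# Added example (not from the thread): scripted form of the Xservers edit.
# harden_xservers FILE: copy FILE to FILE.back, then append "-nolisten tcp"
# to every active local X server line that does not already carry it.
harden_xservers() {
    f=$1
    [ -f "$f" ] || { echo "no such file: $f" >&2; return 1; }
    # Nothing to do if no local server line is missing the option;
    # this also keeps an earlier backup from being overwritten.
    if ! grep -E '^:[0-9]+[[:space:]]+local[[:space:]]' "$f" | grep -qv -e '-nolisten tcp'; then
        return 0
    fi
    cp -p "$f" "$f.back" || return 1
    # First address selects ":N local ..." lines; the inner test skips lines already fixed.
    sed -E '/^:[0-9]+[[:space:]]+local[[:space:]]/{/-nolisten tcp/!s/[[:space:]]*$/ -nolisten tcp/;}' \
        "$f.back" > "$f"
}

# Constructed demo on a temporary copy. The path named in the post is
# /etc/opt/kde3/share/config/kdm/Xservers; the change applies at the next restart.
demo_dir=$(mktemp -d)
printf '%s\n' '# comment line' ':0 local /usr/X11R6/bin/X vt7' > "$demo_dir/Xservers"
harden_xservers "$demo_dir/Xservers"
cat "$demo_dir/Xservers"
```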
|
|
|
|
01-20-2004, 07:30 AM
|
#5
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
bootpc is your linux box's bootp client. It does network discovery stuff like grab its IP address and locate DNS server info. If you're using some kind of bootp or other dynamic IP assignment protocol, it should be on. If you have a static IP then you won't need it, but usually this is determined during your initial networking setup. Again if you're concerned about abuse, you can firewall it and only allow communication with your dhcp/bootp server.
Last edited by Capt_Caveman; 01-20-2004 at 07:34 AM.
|
|
|
|
01-22-2004, 08:31 PM
|
#6
|
|
Member
Registered: Jan 2004
Distribution: SME 6/SuSE9 x64
Posts: 30
Original Poster
Rep:
|
Well, thanks for the help both of U!!! I've afferto'd both of you.
Yea, SuSE is good, I hope Novell does a good job and doesn't royally screw it up.
-uniQ
|
|
|
|
01-22-2004, 08:50 PM
|
#7
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Thanks uniQ, I appreciate that!
|
|
|
|
01-23-2004, 03:31 PM
|
#8
|
|
Member
Registered: Jan 2004
Distribution: SME 6/SuSE9 x64
Posts: 30
Original Poster
Rep:
|
The continuing story...
YaY! X11 is now stopped listening.
Now, I've got something else:
udp 0 0 *:filenet-tms *:*
That's port 32768 (or 2^15).
Any ideas?
Thanks!
-uniQ
|
|
|
|
01-23-2004, 04:06 PM
|
#9
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Try lsof -i
That should let you know what's got the port open. Likely it's something that uses dynamic port assignment, because 32768 is usually one of the first dynamic ports opened (see here for details).
|
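The triage worked through across this thread, as an added example that is not part of any post: a hypothetical classify_listeners function reads `netstat --proto=inet -l` lines and prints, per socket, whether it is bound to loopback or exposed and which step from the replies applies. The sample input is the listing from post #1, and the 32768 threshold for dynamic ports is taken from the reply above.

```shell
#!/bin/sh
# Added example (not from the thread): triage netstat listener output.
# SAMPLE is the listing from post #1, embedded so the script runs offline.
SAMPLE='tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
udp 0 0 *:32776 *:*
udp 888 0 *:bootpc *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:ipp *:*'

# classify_listeners: netstat lines on stdin -> "proto port scope advice" per socket.
classify_listeners() {
    awk '
    $1 != "tcp" && $1 != "udp" { next }       # skip headers and other families
    {
        n = split($4, a, ":")                 # field 4 is the local address, host:port
        port = a[n]
        host = substr($4, 1, length($4) - length(port) - 1)
        scope = (host == "localhost" || host ~ /^127\./) ? "loopback" : "exposed"
        # Service names as mapped in the replies: portmap, cups, postfix.
        if      (port == "sunrpc") advice = "chkconfig portmap off"
        else if (port == "ipp")    advice = "chkconfig cups off"
        else if (port == "smtp")   advice = "chkconfig postfix off"
        else if (port == "x11")    advice = "start X with -nolisten tcp"
        else if (port == "bootpc") advice = "bootp/DHCP client: keep if the address is dynamic"
        else if (port ~ /^[0-9]+$/ && port + 0 >= 32768) advice = "dynamic port: find owner with lsof -i"
        else                       advice = "unknown: find owner with lsof -i"
        printf "%s %s %s %s\n", $1, port, scope, advice
    }'
}

# count_exposed: number of sockets on stdin bound to a non-loopback address.
count_exposed() {
    classify_listeners | awk '$3 == "exposed" { c++ } END { print c + 0 }'
}

printf '%s\n' "$SAMPLE" | classify_listeners
```

On a live system, pipe the real command into the function: `netstat --proto=inet -l | classify_listeners`.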
|
|
|
01-24-2004, 12:48 AM
|
#10
|
|
Member
Registered: Jan 2004
Location: Miami FL
Distribution: Mac OS X 10.4.11 Ubuntu 12.04 LTS
Posts: 427
Rep:
|
32768+ nice Capt_Caveman - I see why you're a moderator. Isn't it a bit annoying what it takes to hold off these idiots that insist on *haking* (sic)? All at once I get tired of it, but I still will never give up the good fight!