Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Well, this is like a home server I am playing with. I am planning on running MySQL, SAMBA, SSH, SFTP and I will also make it a print server. Do you know what's the purpose of those ports and of i can close them
alagenchev,
The main ports fall within the port no 1024 . Some of the reserved ports are
ftp - 20, 21
http - 80
ssh - 22
telnet - 23
smtp - 25
pop3 - 110
dns - 58
You may also check the file /etc/services for more port numbers.
Your X server is using port 4000 which is a unreserved port. You may block it safely by using iptables. But make sure you open all ports for your localhost.
You might be interested in reading the following post... http://linuxhelp.blogspot.com/2005/1...ables-for.html
OK, I just answered all my questions, and I decided to post the resuts here, in case someone has same/similar questions.
first off , run "nmap localhost":
You should get something similar:
PORT STATE SERVICE
669/tcp open unknown
This tells you which ports are open. My 669 is SSH, if you run SSH, most likely yours is 22. You can change that in /etc/ssh/shd_config
now you can run "fuser -n tcp yourport"
this will give you the UID for the service running on that port. For example fuser -n tcp 25 returned sendmail. For some reason port 669 does not return a valid UID on my system. But I know 669 is SSH, since I set it this way. Once you get the UID, you can do ps -ax|grep "YourUIDhere", and you will get the program with tha UID. Now you know what to kill and what not. In my case, I had 25-sendmail,37 -time, 113-auth.
Ok, There are two places where processes get started automatically, from /etc/inetd.conf , or /etc/rc.d. inetd.conf will show you something similar:
These are some of the scripts that may/do get started during bootup. To prevent them from starting, just remove the execute option from permissions. you can do that using
chmod -x yourservice
or just using chmod 640 yourservice
Next time you boot up, you can do nmap localhost again, and all this stuff should be closed.
To stop X listening to port 6000, in your /usr/X11/bin/startx file edit :
serverargs="-nolisten tcp"
Oh yeah almost forgot, auth is some ancient internet authentication service, I removed it and I don't have any problems. Time , correct me if wrong, synchronises your local time using the internet. You need SMTP, port 25 only if you are running a mail server. That's it, write if you have comments
Last edited by alagenchev; 10-22-2005 at 08:03 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.