LinuxQuestions.org
Old 05-11-2002, 03:47 PM   #1
forand
need help with securing open ports


The situation: I have one machine connected to the inet acting as a firewall/webserver/email server/ssh server and one machine inside that firewall. Since I don't have access to another machine outside my firewall that I can install nmap on, I installed it on the machine behind the firewall and the server itself. Now I have run a port scan on the server from the comp inside the firewall and I get the following:
Port State Service
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open sunrpc
443/tcp open https

I expect ssh, smtp, and http. I am not sure I should expect https (I don't have any secure content on the webserver) or domain (used for dhcp?), and I have no clue what sunrpc is for. I have tried checking and making sure that I don't have these services running (using service -s) and I don't see any mention of sunrpc except in the iptables output. Basically I just want to know what I should close down to make my machine more secure.
Thanks for any help!
 
Old 05-11-2002, 05:16 PM   #2
hanzerik
Well, the sunrpc can be turned off by renaming or removing a line in /etc/rc.d init scripts.

In Red Hat and Mandy, type ntsysv and turn off portmap, or rename /etc/rc.d/rc?.d/S??portmap to K??portmap, where rc?.d is the runlevel that the server is running at. Your S??portmap may be different; mine was S87portmap, and I renamed it to K87portmap.

In Slackware, look at /etc/rc.d/rc.inet2; there will be some lines like this:
if [ -x /sbin/rpc.portmap ] ; then
echo "Starting RPC portmap: /sbin/rpc.portmap"
/sbin/rpc.portmap
fi
Comment the lines out,
so it would look like this when you are done:
#if [ -x /sbin/rpc.portmap ] ; then
#echo "Starting RPC portmap: /sbin/rpc.portmap"
#/sbin/rpc.portmap
#fi
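
To re-check the server after disabling portmap, the scan from the first post can be compared against an allowlist of the services that are meant to be exposed. This is an added example, not code from either poster; the function names, the allowlist variable and the sample data (copied from the scan quoted in the thread) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag open ports in nmap output that are not on an allowlist.

# Ports the first poster said they expect: ssh, smtp, http.
EXPECTED="22/tcp 25/tcp 80/tcp"

# unexpected_ports ALLOWLIST
# Reads nmap's port table on stdin and prints "port service" for every
# open port that is not in ALLOWLIST. Prints nothing when the scan is clean.
unexpected_ports() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # Port table rows look like: 111/tcp open sunrpc
        $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" && !($1 in ok) {
            print $1, $3
        }
    '
}

# Constructed sample: the scan result quoted in the first post.
sample_scan() {
    cat <<'EOF'
Port State Service
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open sunrpc
443/tcp open https
EOF
}

# Constructed sample: the same scan once portmap no longer listens on 111/tcp.
sample_scan_after() {
    sample_scan | grep -v '^111/tcp'
}

echo "Before disabling portmap:"
sample_scan | unexpected_ports "$EXPECTED"
echo "After disabling portmap:"
sample_scan_after | unexpected_ports "$EXPECTED"
```

For a live check, pipe the output of nmap run against the server into `unexpected_ports "$EXPECTED"` in place of the sample functions.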
 
  

