LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-23-2004, 07:18 AM   #1
karan101
Member
 
Registered: Aug 2004
Location: CANADA
Distribution: Fedora core4
Posts: 60

Rep: Reputation: 15
Networking question???


Hello people
I ran nmap -sS on mylaptop and i got this
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
111/tcp open rpcbind
625/tcp open unknown
644/tcp open unknown
2049/tcp open nfs
32770/tcp open sometimes-rpc3
32771/tcp open sometimes-rpc5
well the only thing i use is usally to ftp or ssh to my account at school or vice versa i'v got no mail server or http server or sql server that i use ....I wanna know how u people think, if i should close telnet or...anything else...or if this is not secure...or if u need more info(basically how secure a system should be to rate it as a good secure system...) and one last question is that say I'm connected to a LAN how can i find how many other computers (not users ) are connected to that network and how i can get their ip addresses...oh and one last question is that say there's a network and i disconnect one of pcs and connect my box instead is it possible to use such things that are already installed on the network from my box...for example using the printer, scanner .... oh one last question again....umm how does hybernating works on linux FC2(for laptops)
umm i know these are basic Q but u know im just trying to learn
thank you
karan
 
Old 10-23-2004, 10:48 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
The rule of thumb is if you are not using a service, turn it off. So if your not using telnet, nfs, etc then go ahead and turn them off. The easiest way to do this in fedora is with the chkconfig utility and service command:

To list all the services and their status (turned on or off in each runlevel):
chkconfig --list

From there, turn off the services at boot:
chkconfig <servicename> off

Then stop the currently running service with:
service <servicename> stop

so to turn off rpcbind (portmap):
chkconfig portmap off
service portmap stop

Having smtp (mail) running isn't bad per se, but should be listening for localhost only rather than external traffic. With Fedora core that is usually the default configuration, so I'm guessing you ran nmap from the same machine you were scanning. Ideally you should be running scans from the outside (a different machine) to get an idea of what an attacker would see. So you can leave smtp on as long as it is listening for localhost. To confirm this, run netstat -pantu and you should see something like this:
Code:
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      568/sendmail: accep
The important part is that sendmail is listening for 127.0.0.1

For info on general secuting of a linux system, take a look at unSpawn's Security References Thread.

If you want to monitor network traffic over time and get a good idea of the network topology, etherape is a really nice tool that is pretty powerfull.
 
Old 10-23-2004, 07:11 PM   #3
qwijibow
Guru
 
Registered: Apr 2003
Location: nottingham england
Distribution: Gentoo
Posts: 2,672

Rep: Reputation: 47
also.... Nmapping yourself may be pointless.
many firewalls allow a computer to talk to itself unreistricted.

nampp yourself from a different machine.
 
Old 10-24-2004, 02:53 PM   #4
jev-bird
Member
 
Registered: Jul 2004
Location: USofA
Distribution: Whatever runs accordingly.
Posts: 200

Rep: Reputation: 30
Quote:
Originally posted by qwijibow
also.... Nmapping yourself may be pointless.
many firewalls allow a computer to talk to itself unreistricted.

nampp yourself from a different machine.
I agree there is no maybe about it it is pointless unless you want to know what services are only running and not from an outside perspective. And if that's the case I just as well do a netstat -lpa to find that out.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
networking,question... JT13 Linux - Networking 4 06-27-2005 07:15 AM
Networking question Rekna Linux - Networking 1 06-16-2004 10:59 PM
Networking Question MrJBot Linux - Newbie 1 10-19-2003 07:57 PM
Networking Question glitch Linux - Newbie 2 08-03-2002 11:19 AM
Networking Question... mikez Linux - Networking 6 01-11-2002 07:12 PM


All times are GMT -5. The time now is 07:01 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration