Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just updated nmap and got the front end running. I am running it and it shows 3 open ports, I dont know if its safe to show them.
Can i post the ports and what they are so i can get some feedback if they should be open or not?
also..
Does my computer have to be connected to the internet for nmap to run properly if running on the save system?
I can;t see why your computer would need to be connected but you will need to make sure you are scannling a local device with an ip address if you have some sort of modem that doesn't have an IP then you can't scan it at that point.
22/tcp open ssh
631/tcp open ipp
6000/tcp open X11
does this look normal, I am just trying to get my linux box secure so i can get it back on the internet as soon as possible.
Also, I ran a scan from http://scan.sygatetech.com
and one of the scans (tcp) showd that it can connect to port 88 and gave me a insecure message so i closed almost every service running and ran it again and the same thing happend.
It depends on what you use the box for - personnalyI leave ssh running sice I want to access the CLI remotely. If you don't need to then firewall it off. Leaving an X server open is a bit insecure an if you don;t need to run X applications from remote machines then you can firewall it too. ipp is used for network printing so if you don;t intend to be a printer server for other machines then again it is un needed. Port 88 is used byt he kerberos authentication system so you may/may not need it running depending on the use of the server. You may find that some ports that appear open from the net are actually on proxy servers in between.
Its just a single user box, its not on a network other than a 4 port router but i dont connect the computers to each other, its just so they can share internet connection, no server printing or anything like that. I just use it for browsing the internet and basic stuff.
I dont know what SLI, Xserver, or kerboros auth. service are. I dont think i need any of those. I tried to block port 88 with firestarter but it did not block it. Is there a easy way to close ports? thanks
OH.... I just stopped some more services from runnning and now the only port nmap says open is the X11. I guess i got lucky i was just reading the descriptions of the services and guessing whether i needed them or not then shutting them down. Then only one i dont know if i need is XINETD can i stop that from running? Thanks
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.