I did a scan against myself and found:

PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
631/tcp open ipp
674/tcp open acap
6000/tcp open X11

I don't mind having port 22 open, but I don't see the need for the
other ports. How do I turn all that crap off? Is any of it necessary?

I am running FC6 x86_64.

Thank you.

Check out IPTABLES.

Or, if you have a GUI installed, go under admin tools and check out the firewall settings.

So I unchecked everything except ssh. Now when I scan all possible TCP ports, I get:

nmap -sT -p- localhost

Starting Nmap 4.20 ( http://insecure.org ) at 2006-12-08 14:04 EST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 65532 closed ports
PORT STATE SERVICE
22/tcp open ssh
2208/tcp open unknown
33690/tcp open unknown


How do I tell what on earth is running on 2208 and 33690?

Thank you.

maybe try with something like:BTW, keep in mind that you probably want to nmap from a separate machine on your LAN/WAN instead of from localhost to get a realistic/practical result... also, check your local firewall with a:

One thing I'll want to do is to do a quick check of what services I'm running and close them all off. So you do: chkconfig --list and see what all is on run level 3 or 5 and shut what you dont need using chkconfig servicename off. The reason I'm saying this is that quite often there will be services which you dont even know exist but which have opened up ports on your system. If you have turned off everything you dont need and these ports are still open you might want to telnet to them and see if they reveal anything in their banners(they probably wont). If still no luck... you might want to configure iptables and setup rules allowing only what you want or explicitly blocking what you don not want(this is painful though).

Also like Win32sux mentioned you'd want to run Nmap off another system to truly understand what another person can see.

Cheers
Arvind