LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-12-2004, 09:34 AM   #1
Kropotkin
Member
 
Registered: Oct 2004
Location: /usr/home
Distribution: Mint, Ubuntu server, FreeBSD, Android
Posts: 362

Rep: Reputation: 32
Port 67 (bootPC) & 68 (bootPS) open by default -- why?


Hi all,

After installing Fedora Core 3, I ran the port detection diagnostic test Shields UP at grc.com. During the installation, I had chosen not to install any servers and open their corresponding default ports, and none were open, but Shields UP did find two other open ports, 67 (bootPC) and 68 (bootPS). I am just wondering why they are open by default and if there is any reason not to block them manually using Firestarter.

Thanks for your time and have a nice day.
 
Old 11-12-2004, 10:42 AM   #2
Quis
Member
 
Registered: May 2001
Location: Germany, Süd-Baden
Distribution: Gentoo
Posts: 139

Rep: Reputation: 15
you can block the two ports shown above.
The bootP* ports are services which can be turned off or be blocked on workstations.
 
Old 11-12-2004, 10:53 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Re: Port 67 (bootPC) & 68 (bootPS) open by default -- why?

Quote:
Originally posted by Kropotkin
I am just wondering why they are open by default and if there is any reason not to block them manually using Firestarter.
Depends on how your system is getting an IP address assigned. If your setup uses the bootp protocol to get an IP address, then turning it off will likely cause connectivity loss. However protocols like bootp and dhcp should absolutely not be open to general public access. Usually you can firewall the bootpc ports to only accept incoming traffic from the bootp/dhcp server (which is usually your ISP or most soho routers (linksys, dlink,etc) will use bootpc as well). If your system has a static IP that isn't assigned, then you likely don't need it.

Last edited by Capt_Caveman; 11-13-2004 at 10:40 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
PLESK [Solution] Change port to 23 (telnet) instead of default port 8443 x5452 Linux - Software 6 05-10-2009 05:58 AM
Details about default web Browser & default Email client sudhasmyle Linux - Software 4 06-15-2006 11:45 AM
cannot SFTP to SUSE 9.2 box, port 22 open, can putty in though using same port. jgrady Linux - Networking 6 03-29-2005 08:44 AM
Open tcp port & mails that i do not send. jrfly Linux - General 1 02-02-2005 09:02 PM
Why my RH 7.2's smtp port haven't open default? explorer1979 Linux - General 3 06-04-2002 07:24 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration