LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-17-2005, 03:19 PM   #1
eyewittness
Member
 
Registered: Dec 2003
Location: Netherlands
Distribution: SuSe 9.0
Posts: 44

Rep: Reputation: 15
Redhat fresh install port 1025


Hi all,
I have a redhat box that has port 1025 open.

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on mike (127.0.0.1):
(The 1595 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
1025/tcp open NFS-or-IIS
10000/tcp open snet-sensor-mgmt


I closed port 1024 and sun rpc by doing:
chkconfig --level 0123456 portmap off
chkconfig --level 12345 nfslock off
service nfslock stop

now i want to disable port 1025.
if i do this:

lsof -iTCP:1025
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
xinetd 1640 root 5u IPv4 2275 TCP mike:1025 (LISTEN)

I see it's xinetd. how can i fix it?

Last edited by eyewittness; 02-17-2005 at 03:21 PM.
 
Old 02-17-2005, 11:06 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Use 'chkconfig --list | more' to give you a listing of all the service states. At the bottom of the output should be a subsection of all the xinetd-based services. Just see which ones xinetd is running and shut them off with chkconfig (chkconfig <service_name> off). You can also manually edit the files in the /etc/xinetd.d/ subdirectory and comment out whichever service file you want to shut off, but just using chkconfig is easier.
 
Old 02-18-2005, 08:42 AM   #3
eyewittness
Member
 
Registered: Dec 2003
Location: Netherlands
Distribution: SuSe 9.0
Posts: 44

Original Poster
Rep: Reputation: 15
Ok i will try that but with the more option it gives more ok, cause i always do chkconfig --list...
 
Old 02-18-2005, 11:02 AM   #4
eyewittness
Member
 
Registered: Dec 2003
Location: Netherlands
Distribution: SuSe 9.0
Posts: 44

Original Poster
Rep: Reputation: 15
someone knows wich prog use port 1025 ?
 
Old 02-18-2005, 11:23 AM   #5
eyewittness
Member
 
Registered: Dec 2003
Location: Netherlands
Distribution: SuSe 9.0
Posts: 44

Original Poster
Rep: Reputation: 15
i just killed the xinet.rd service and restarted it.. the port was gone
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Updating redhat after fresh install of shrike? spfdz Linux - Newbie 2 09-18-2005 11:13 PM
Fresh RedHat AS 3.0 Install - No Video spelltoronto Linux - Hardware 1 04-09-2005 03:47 AM
Repeated, targeted port 1025 ACK RST scottman Linux - Security 2 10-06-2004 01:35 AM
Port 1025 and 53 UDP being hammered with Blackjack dholingw Linux - Security 2 06-11-2004 02:02 AM
Redhat 6.2 to 7.0 -- Upgrade or Fresh Install? scoats Linux - Software 2 10-21-2001 12:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration