04-17-2007, 08:53 AM
|
#1
|
Member
Registered: Jul 2003
Location: Chicagoland
Distribution: ArchLinux
Posts: 261
Rep:
|
Should port 80 be open ?
I ran a port scanner and noticed that all common ports were closed except port 80.
What I know about port 80 is it is used for HTTP...right?
So, is having port 80 open a necessary evil to browse the web?
Thanks
|
|
|
04-17-2007, 09:00 AM
|
#2
|
LQ Newbie
Registered: Jan 2006
Location: Latvia, Riga
Distribution: Slackware, Ubuntu
Posts: 18
Rep:
|
Depends on the machine where you found it. If this is your local machine which is connected to an unsafe network (such as the Internet), then I'd suggest closing it - it won't hurt you.
|
|
|
04-17-2007, 09:04 AM
|
#3
|
Member
Registered: Jul 2003
Location: Chicagoland
Distribution: ArchLinux
Posts: 261
Original Poster
Rep:
|
Will closing port 80 shut down my ability to connect to the internet, or does it merely shut down any requests from the internet coming into my computer?
|
|
|
04-17-2007, 09:07 AM
|
#4
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
Port 80 is what a web server has open. Not a browser. Check if you have the apache2 webserver running.
You can close port 80. When you browse, you connect to the web server's port 80, but the return is on another port. Also, even if it didn't use a different port, it would be an established connection which the firewall or NAT router would allow.
|
|
|
04-17-2007, 09:47 AM
|
#5
|
Member
Registered: Jul 2006
Location: Joinville, Brazil
Distribution: Debian, CentOS
Posts: 301
Rep:
|
Use #netstat -l
and you're gonna see all the listening services. Then just drop apache, if you actually have it.
|
|
|
04-17-2007, 10:35 AM
|
#6
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep:
|
When you run a portscan, ports shown as "open" are services your machine is providing. In other words, it seems likely that you have a webserver running on your machine.
|
|
|
04-18-2007, 03:03 AM
|
#7
|
LQ Newbie
Registered: Jan 2006
Location: Latvia, Riga
Distribution: Slackware, Ubuntu
Posts: 18
Rep:
|
Try this:
If it prints something like this
Code:
4564 ? Ss 0:00 /usr/sbin/apache2 -k start -DSSL
4625 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
4626 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
4627 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
4628 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
4629 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
17989 ? S 0:00 /usr/sbin/apache2 -k start -DSSL
then you should also disable the apache service. Why waste system resources?
1. To disable apache (or any other unwanted service) from starting at system boot I use (as root):
Code:
update-rc.d -f apache2 remove
or as a normal user
Code:
sudo update-rc.d -f apache2 remove
In both cases "apache2" is the name of the service startup file found in "/etc/init.d". "update-rc.d" will remove the symlinks to this startup file from the directories /etc/rc<n>.d.
2. To stop the apache service immediately, do
Code:
/etc/init.d/apache2 stop
Do both steps to disable the apache service from now on, and only the second step to disable the service till the next boot.
|
|
|
04-18-2007, 06:19 PM
|
#8
|
Member
Registered: Jul 2003
Location: Chicagoland
Distribution: ArchLinux
Posts: 261
Original Poster
Rep:
|
Here is what my output looked like :
glenn@glenn-desktop:~$ ps ax| grep apache
5268 pts/0 R+ 0:00 grep apache
I don't think it's running...is it??
|
|
|
04-18-2007, 09:08 PM
|
#9
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by glenn69
Here is what my output looked like :
glenn@glenn-desktop:~$ ps ax| grep apache
5268 pts/0 R+ 0:00 grep apache
I don't think it's running...is it??
|
your output would indicate that it is NOT running... however, as was said by Matir, for a port to be "open" it needs a service listening on it... so something else should be listening on your port 80 (unless the scanner you used is malfunctioning)... you can see what is listening on your box with something like this (as root):
Code:
netstat -pantu | grep LISTEN
you can check your current local firewall config like this (also as root):
if netstat doesn't show anything listening on port 80, i'd consider a quick troubleshoot of the port scanner... you could start by trying with a different port scanner, for example...
|
|
|
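An added example, not part of any post in this thread: it separates the two things the replies above distinguish, a local service listening on a port (what a port scan reports as "open") and an outbound client connection to a remote port 80 (what a browser makes). The function names and the sample `netstat -pantu` output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -pantu` output (not taken from the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4564/apache2
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3021/cupsd
tcp        0      0 192.168.1.20:51344      203.0.113.10:80         ESTABLISHED 6120/firefox
tcp6       0      0 :::22                   :::*                    LISTEN      2890/sshd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           2755/dhclient
EOF
}

# classify_port PORT (hypothetical helper): reads netstat -pantu output on
# stdin and prints one line per TCP socket that involves PORT:
#   LISTEN-ALL    a local service reachable on every interface
#   LISTEN-LOCAL  a local service bound to loopback only
#   OUTBOUND      a client connection from this host to a remote PORT
classify_port() {
    awk -v port="$1" '
    $1 ~ /^tcp/ {
        # The port is the last colon-separated field; this also handles
        # IPv6 forms such as ":::22".
        n = split($4, l, ":"); lport = l[n]
        laddr = substr($4, 1, length($4) - length(lport) - 1)
        m = split($5, f, ":"); fport = f[m]
        if ($6 == "LISTEN" && lport == port) {
            scope = (laddr ~ /^127\./ || laddr == "::1") ? "LISTEN-LOCAL" : "LISTEN-ALL"
            print scope, $4, $7
        } else if ($6 == "ESTABLISHED" && fport == port) {
            print "OUTBOUND", $4 " -> " $5, $7
        }
    }'
}

# Demo on the constructed sample. On a live system, run as root so the
# PID/Program column is filled in:  netstat -pantu | classify_port 80
sample_netstat | classify_port 80
```

Only the `LISTEN-*` lines correspond to a port that a scan of the machine can find open; stopping that service does not affect `OUTBOUND` connections.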
04-19-2007, 07:16 AM
|
#10
|
Member
Registered: Jul 2006
Location: Joinville, Brazil
Distribution: Debian, CentOS
Posts: 301
Rep:
|
#telnet 127.0.0.7 80
Does it bring up a connection? If yes, your port is open. Easy as hell. :-)
|
|
|
All times are GMT -5.