SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Well, I do not know about the last two, but the first two are porgrams that are started from /etc/rc.d/rc.inet2. If you edit the file and remark out sendmail and the sun rpc server stuff it will prevent them starting up when you boot. You can just terminate the processes by killing the process ID. You can use "gtop" to list all the processes and then right click the desired task and send the SIGKILL message.
The X11 port may be for X11 forwarding. But you should also check your /etc/inetd.conf file. I normally remark out everything except the two items that start with "time" very near the top of the file.
Perhaps someone else knows about 587 and 6000 ports.
Maybe someone should say that: if you dont need services like SMTP for emailing, then you can turn them off; but if you want to use them, you'll need to allow them to access the internet via their ports.
A firewall will close ports.
If using KDM or any other, I'm sure its similiar to that above.
The open port 587 could be anything. Like if you use Instant Messaging or whatever, but that isn't a standard port for a particular app. Most likely some app you have requires that port open. But I would take acid's advice, use a firewall of some sort.
You can disable tcp connections to X (6000), but this tends to break things, especially if you set up a home network later on. Judging from the presence of the rpc service, It appears that you have that planned. Sort out your /etc/hosts.deny and /etc/hosts.allow if you intend to do NFS with it. Then get yourself a firewall script from http://www.linuxguruz.org/iptables and you'll be off to a good start. The "Firewall by Jim" package is quite comprehensive (no, I'm not Jim ;-p). http://www.jg555.com/projects/firewall/download.php http://www.insecure.org is a useful resource of information, and there are also other projects worth looking into, like Nessus and snort.
Try the /etc/rc.d/rc.sendmail file. At the very beginning is the start function. If you only want to use sendmail for outbound and NOT inbound then remark the first instance. Leave the queue runner module running. At least I think it will produce the desired results. It should close the port 25 for inbound mail but still allow outbound mail to be sent out on port 25.
This quick iptables will pretty much drop everyone trying to connect to your TCP ports. Run it as root.
/sbin/iptables -A INPUT -p tcp --syn -j DROP
I've got this one running at home, though I'm sure there's many other ways to secure your box but this one is a good start until you get other scripts to try. Hope this helps.
Originally posted by Excalibur Try the /etc/rc.d/rc.sendmail file. At the very beginning is the start function. If you only want to use sendmail for outbound and NOT inbound then remark the first instance. Leave the queue runner module running. At least I think it will produce the desired results. It should close the port 25 for inbound mail but still allow outbound mail to be sent out on port 25.
case "$1" in
'start')
sendmail_start
;;
'stop')
sendmail_stop
;;
'restart')
sendmail_restart
;;
*)
echo "usage $0 start|stop|restart"
esac
I've got mine down to
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on localhost (127.0.0.1):
(The 1598 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
25/tcp open smtp
587/tcp open submission
the submission is the one that no one knows about.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.