Hi everyone

Just installed Slackware 8.1 and being from a Red Hat background am having trouble in closing a lot of open ports !!

PS - I read somewhere on here that SLackware is secure out-of-the-box ... well unless I've set something up incorrectly then it really is VERY insecure

A few ports that are open:
21
22
23
25
80
111
113

and a dozen more !!

My question is this:

I believe the confiugration of which services run/are loaded is done in /etc/rc.d/ but how do you CORRECTLY disable or add a service?

I want to run Apache and am happy with that but don't require
FTP
Telnet
SMTP etc ...

Any help would be greatly appreciated

PS - has anyone had much joy with the Linux drivers for NVidia GPU's?

My X-Windows works fine ATM after a lot of tweaking but may upgrade in the future

Thanks



OSX

22 is telnet, 23 is ssh ( or the other way arround), 80 http (I think you like browsing dont you? eheh). You could set up a iptable script to close the open ports.
I have never done it, but I would point you to any place on google/linux to find a proper script.

Thanks for the reply

The thing is I don't want to just block them ... I want to close them.

I don't want them running at all and wasting CPU Cycles and RAM

I've already checked Google but can't really find much slackware documentation which is a little dissapoiting as I was under the impression that it was the choice of "More experienced users"

I chose Slackware because I was fed up of the RPM's in Red Hat.

I wanted really to compile and build packages myself.

Maybe I'll have to consider http://www.gentoo.org or one of the BSD's

Cheers

David

I believe that comenting out, or adding a "#" at the beggining of the corresponding line of these ports in the /etc/services files will do the trick of closing these ports for you.

Cheers,
Figa

it ensures the process doesnt start, but does it also secure the port? isnt that the point of making a iptable script?

Thanks I'll try it when I get home later

Does that mean the process isn't loading then at boot???

The port is secure if no process/daemon is listening !

If the process isn't running then no exploit exists because the port is closed

Closing a port is much more secure than controlling access to a port which is what a firewall does

OSX

Yup, I have to agree with you OSX. Hopefully I was able to help you out with your question.


Paz,
Figa

/etc/inetd.conf

In your /etc/rc.d/rc.M script, you'll see that it calls rc.inet1 adn rc.inet2. In these two scripts you will find all kinds of net-related processes and such. On my laptop which doesn't serve anything, I have the rc.inet2 commented out in rc.M. Also, I make sure that the inetd super-daemon is not run, which can be a vulnerability. Then, if I need some of those services, I can manually run /etc/rc.d/rc.inet2 start.

This would be in addition to blocking ports in your services file and including an iptables script for extra protection. It depends on how vigorous you want to be. I try to lock down everything except ssh on my office computer. I can pretty much accomplish whatever I need through that port if I'm away.

hth,
BB