Re: turning off unused ports

On Tue, 2003-04-22 at 17:43, Daniel Tan wrote: 
> i am using xnmap to check for open ports that i am not using.
> i have dns,nis,smtp,imap and pop running....
> how do i turn off the unused ports without knowing what service to
> deactivate?

They're not necessarily 'on', they're just open (if that's the right
terminology).  By that I mean that there mightn't be something listening
on that port, even though nmap found it open.  It's up to some daemon to
listen or not.  nmap most likely just has a list of what ports are
reserved for what protocols, and returns it, which is why some say
unknown.  In fact, anything could be listening on any port.

In Red Hat, xinetd generally handles connections to ports, and then
passes them off to the appropriate program.  See /etc/xinetd.d/ for the
daemons you may have installed (but not necessarily 'on'.  See the
'disable=...' line in these files).  This is not always the case though,
as with sshd and httpd, which you won't find in /etc/xinetd.d.  Instead,
they're started as services (eg 'service httpd start', or
'redhat-config-services').

See also /etc/services for what port is usually used for what service.

> Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
>  Interesting ports on xxx.xxx.xxx):
> (The 1589 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 25/tcp     open        smtp
> 53/tcp     open        domain
> 80/tcp     open        http
> 110/tcp    open        pop-3
> 111/tcp    open        sunrpc                (what is this?)

You'll need this for NFS mounts

> 139/tcp    open        netbios-ssn             (do i need this?)

Windows file sharing (as well as 137, 138 & 445)

> 143/tcp    open        imap2
> 443/tcp    open        https
> 663/tcp    open        unknown                 (need to know what these 3
> unknown ports are...)
> 865/tcp    open        unknown
> 886/tcp    open        unknown

Don't know.  There is a web resource somewhere that lists ports and
uses.  I can't remember where though!

> 6000/tcp   open        X11                     (temporary..will disable
> this)

/etc/services says X11 also.

Generally, if you set your firewall (eg iptables) to drop everything by
default, and then only open established & related connections, you
should be right.  Then add any services you specifically want: 22, 21,
etc.

HTH,
-- 
Iain Buchanan <iain@xxxxxxxxxxxxxxxxxxx>
Even the Chinese are against me.

		-- Homer Simpson
		   The Last Temptation of Homer
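
Added example, not part of the original message: a shell function that walks the /etc/xinetd.d files mentioned above, honours each 'disable' line and looks the port up in /etc/services. It assumes a service block with no 'disable = yes' line is enabled and that braces sit on their own lines; the function names and the sample files are constructed here.

```shell
# Added example: list the services xinetd will listen for, with their ports.
# Usage: xinetd_enabled [CONF_DIR] [SERVICES_FILE]
xinetd_enabled() {
    conf_dir=${1:-/etc/xinetd.d}
    services=${2:-/etc/services}
    for f in "$conf_dir"/*; do
        [ -f "$f" ] || continue
        awk -v svc_file="$services" '
            # Look up NAME PORT/PROTO in the services file; "" if absent.
            function lookup(n, p,   line, a, r) {
                while ((getline line < svc_file) > 0) {
                    sub(/#.*/, "", line)
                    if (split(line, a, " ") >= 2 && a[1] == n && a[2] ~ ("/" p "$")) {
                        r = a[2]; sub(/\/.*/, "", r); break
                    }
                }
                close(svc_file)
                return r
            }
            { sub(/#.*/, "") }            # strip comments
            NF == 0 { next }
            $1 == "service" { name = $2; disabled = 0; proto = "tcp"; port = ""; next }
            name == "" { next }
            {   # attribute lines look like: key = value
                split($0, kv, "="); key = kv[1]; val = kv[2]
                gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            }
            key == "disable" && val == "yes" { disabled = 1 }
            key == "socket_type" && val == "dgram" { proto = "udp" }
            key == "port" { port = val }
            $1 == "}" {
                # Assumption: no "disable = yes" line means the service is on.
                if (!disabled) {
                    if (port == "") port = lookup(name, proto)
                    print name, (port == "" ? "?" : port) "/" proto
                }
                name = ""
            }
        ' "$f"
    done
}
# Constructed sample: two xinetd.d files and a two-line services file.
xinetd_demo() {
    d=$(mktemp -d) && mkdir "$d/xinetd.d" || return 1
    printf 'service imap\n{\n\tdisable = yes\n\tsocket_type = stream\n}\n' > "$d/xinetd.d/imap"
    printf 'service pop3\n{\n\tdisable = no\n\tsocket_type = stream\n}\n' > "$d/xinetd.d/pop3"
    printf 'pop3 110/tcp pop-3\nimap 143/tcp imap2\n' > "$d/services"
    xinetd_enabled "$d/xinetd.d" "$d/services"; rm -rf "$d"
}
```

Run with no arguments on the server itself, the function reads /etc/xinetd.d and /etc/services; standalone daemons such as sshd and httpd will not appear because they are not started by xinetd.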
