re: closing ports


Subject: re: closing ports
From: Mike Tibor (tibor@lib.uaa.alaska.edu)
Date: Sat Nov 24 2001 - 12:14:47 AKST


On Fri, 23 Nov 2001, PJ Hunt wrote:

>
> 515 is sunrpc
>
> 111 is the printer. I can kill the process but I'd like to know how to keep
> it from even loading and preferably disable the ports.

That's actually backwards--111 is sunrpc and 515 is lpd. To prevent them
from loading on boot you'll need to look in your init scripts. I'm sure
civileme will slap me around if I get this wrong :-) but assuming
Mandrake is similar to Red Hat in its use of SysV style init, then cd into
/etc/rc.d/rc3.d and "mv S<number>portmap s<number>portmap". For example,
on my old Red Hat 5.2 box, I would "mv S40portmap s40portmap". By
renaming it to a lowercase s, the service won't be started. A benefit is
that if you need to restore it later, the number remains intact so you
know what order it should be started among the rest of the stuff. Note
that /etc/rc.d/rc3.d/S* are things that will start when the system enters
runlevel 3 (standard multiuser mode w/o XDM). You should probably also go
into the other rc directories in /etc/rc.d and do the same thing. If you
don't, and you boot into a different runlevel for any reason you'll have
unwanted services starting up.

I should point out that there have been numerous vulnerabilities in both
Berkeley lpd and LPRng. If you haven't been completely religious about
applying Mandrake's updates, it probably wouldn't be a bad idea to run a
portscan on your box from another. It doesn't help to just use ps or lsof
on your system--that's like when you're about to buy a used car, asking
the salesman, "so... it's really a mechanically sound and reliable car,
right?" Obviously the salesman is going to reply "why sure it is!
Nothing to worry about!" In such a case you might take the car to a
trusted mechanic for a look-over, and it's the same in this case with your
computer.

Mike

--
Mike Tibor         Univ. of Alaska Anchorage    (907) 786-1001 voice
Network Technician     Consortium Library         (907) 786-6050 fax
tibor@lib.uaa.alaska.edu       http://www.lib.uaa.alaska.edu/~tibor/
http://www.lib.uaa.alaska.edu/~tibor/pgpkey  for PGP public key
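
The rename described in the message, applied across every runlevel directory, as an added example that is not part of the original e-mail. `RC_ROOT`, `disable_service` and `still_enabled` are names chosen for this example; it assumes two-digit sequence numbers as in `S40portmap`.

```shell
#!/bin/sh
# Added example, not from the original message.
# RC_ROOT is an assumption: /etc/rc.d on Red Hat style systems. Point it at a
# scratch directory to rehearse the change before touching the real tree.
RC_ROOT="${RC_ROOT:-/etc/rc.d}"

# disable_service NAME: rename S<nn>NAME to s<nn>NAME in every rc<N>.d so the
# sequence number is kept for a later restore.
# Prints one line per rename; returns 1 if nothing was renamed.
disable_service() {
    svc="$1"; changed=1
    for dir in "$RC_ROOT"/rc[0-9].d; do
        [ -d "$dir" ] || continue
        for link in "$dir"/S[0-9][0-9]"$svc"; do
            # An unmatched glob stays literal; -L also catches dangling symlinks.
            [ -e "$link" ] || [ -L "$link" ] || continue
            base=${link##*/}
            target="$dir/s${base#S}"
            if [ -e "$target" ] || [ -L "$target" ]; then
                echo "skip $link: $target already exists" >&2
                continue
            fi
            mv -- "$link" "$target" && echo "disabled $link" && changed=0
        done
    done
    return $changed
}

# still_enabled NAME: list the start links that would still launch NAME in
# some runlevel. Empty output means no runlevel starts it.
still_enabled() {
    for link in "$RC_ROOT"/rc[0-9].d/S[0-9][0-9]"$1"; do
        if [ -e "$link" ] || [ -L "$link" ]; then echo "$link"; fi
    done
}
```

Run `disable_service portmap` as root, then `still_enabled portmap` to confirm that no runlevel was missed.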


