I've just installed a SuSE63 in a new machine and i'm trying to leave it just with the essentials services, doing a portscan this is the result: fmmarzoa@vivaldi:~ > portscan 192.168.66.251 192.168.66.251 22 23 80 113 139 443 514 # Well, i want port 22 (ssh), 23 (telnet), 80 (http) and 139 (netbios - sorry, it should serve files to windows clients :/) active, and i know how to deactivate them if i need, but i cant find how to put out 113 (auth), 443 (https) and 514 (shell ?). I've travelled through /etc/inetd.conf and /etc/rc.services trying to find an answer for my question but... may m I turning blind? -- Francisco M. Marzoa Alonso Nuevo Mundo - Dpto. Informático ICQ#: 62850923 Henri Dunant, 19 - 28036 Madrid tfno: +34 91 343 18 40 ext. 207 España / Spain fax: +34 91 350 28 45
On Thu, Apr 06, 2000 at 10:52:26AM +0200, Francisco M. Marzoa Alonso wrote:
how to deactivate them if i need, but i cant find how to put out 113 (auth), 443 (https) and 514 (shell ?).
443: Look at /etc/http/httpd.conf There is a section for https, you have do disable and reload apache config (possible via sh /sbin/init.d/apache reload ) 514 maybe syslog. HTH Frank
First: Many thanks, Frank :) Frank Derichsweiler wrote:
On Thu, Apr 06, 2000 at 10:52:26AM +0200, Francisco M. Marzoa Alonso wrote:
how to deactivate them if i need, but i cant find how to put out 113 (auth), 443 (https) and 514 (shell ?).
443: Look at /etc/http/httpd.conf There is a section for https, you have do disable and reload apache config (possible via sh /sbin/init.d/apache reload )
I'm over this, please fell free to see my last message related.
514 maybe syslog.
You're surely on right. I don't know very well what exactly syslogd do... so... is it just needed for remote logs or is really *needed* for log info locally? Thank you very much everybody :)
HTH Frank
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Francisco M. Marzoa Alonso Nuevo Mundo - Dpto. Informático ICQ#: 62850923 Henri Dunant, 19 - 28036 Madrid tfno: +34 91 343 18 40 ext. 207 España / Spain fax: +34 91 350 28 45
"Francisco M. Marzoa Alonso" wrote:
I've just installed a SuSE63 in a new machine and i'm trying to leave it just with the essentials services, doing a portscan this is the result:
fmmarzoa@vivaldi:~ > portscan 192.168.66.251 192.168.66.251 22 23 80 113 139 443 514 #
Well, i want port 22 (ssh), 23 (telnet), 80 (http) and 139 (netbios - sorry, it should serve files to windows clients :/) active, and i know how to deactivate them if i need, but i cant find how to put out 113 (auth), 443 (https) and 514 (shell ?).
443 can be served by apache. Is apache up ? 514 is served by inetd, at least on some of my boxes with SuSE 6.1 / 6.3. Is the portmapper started while setting up the network ? Why do you need telnet if ssh is running ? Regards, Fred Mobach
Fred Mobach wrote:
"Francisco M. Marzoa Alonso" wrote:
I've just installed a SuSE63 in a new machine and i'm trying to leave it just with the essentials services, doing a portscan this is the result:
fmmarzoa@vivaldi:~ > portscan 192.168.66.251 192.168.66.251 22 23 80 113 139 443 514 #
Well, i want port 22 (ssh), 23 (telnet), 80 (http) and 139 (netbios - sorry, it should serve files to windows clients :/) active, and i know how to deactivate them if i need, but i cant find how to put out 113 (auth), 443 (https) and 514 (shell ?).
443 can be served by apache. Is apache up ?
Yes, and i need it :) But this port (ssl/apache) has been putting out in a dirty manner but less is nothing...
514 is served by inetd, at least on some of my boxes with SuSE 6.1 / 6.3.
shell wrapped by inetd in fact, now there's right too :)
Is the portmapper started while setting up the network ? Why do you need telnet if ssh is running ?
Hey! what a lot of curiosity! X) I know it seems to be stupid, but I'll shut down telnet service when this host be working on its destination LAN, it's more comfortable for me to use telnet while i'm still configuring it :) Have a good one :)
Regards,
Fred Mobach
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Francisco M. Marzoa Alonso Nuevo Mundo - Dpto. Informático ICQ#: 62850923 Henri Dunant, 19 - 28036 Madrid tfno: +34 91 343 18 40 ext. 207 España / Spain fax: +34 91 350 28 45
participants (3)
-
Francisco M. Marzoa Alonso
-
Frank Derichsweiler
-
Fred Mobach