Markus wrote:
Hi,
the following services are running on my machine: 111/tcp => portmap (user: bin) 111/udp => portmap (user: bin)
If you're not using nfs or nis, then you should disable portmap. It is highly insecure. You can run `rpcinfo -p $hostname` against your system to see what additional services it is providing.
113/tcp => in.identd (user: nobody)
This is also not too secure and you should disable it. It is mainly used for irc servers to grab information about you, so if you don't go to irc then it's unnecessary. If you do frequent irc servers then I recommend you replace identd with fakeidentd (http://hangout.de/fakeidentd/). I have done this and it works pretty well.
515/tcp => lpd (user: root+)
Do you have the need to spool your print jobs locally or can you just send them off to your printer? For that matter, do you even have a printer? If you're not using it then disable it as it does have vulnerabilities every so often. Otherwise, if you need it then you could set it up so it listens only to localhost and not to external requests.
6000/tcp => X (user: root)
I believe someone already said something about appending "-nolisten tcp" to the Xserver startup. -- David M. Fetter - http://www.fetterconsulting.com/ "The world is full of power and energy and a person can go far by just skimming off a tiny bit of it." Neal Stephenson - Snow Crash