setting up firewall in 7.1

Hi All, Another newbie question. I edited my inetd.conf and commented out ftp, telnet, shell, login, pop3, finger and swat and rebooted. Everything seems to work ok. nmap -sT -v my ip shows these 22 ssh 37 time 111 sunrpc 515 printer 1024 kdm 6000 X11 nmap -sU my ip shows these 37 time 111 sunrpc 517 talk 518 ntalk Questions are these. First, is what I commented out ok? secondly, is it safe to comment out talk, ntalk, and time in inetd.conf as well? Secondly...how about ssh,sunrpc,printer and X11? Is it safe and where do I shut them down at? If you could just give me a site that would explain this to me I would be very grateful. As I said, I am new and just don't want to make any mistakes configuring or to take an unsecured machine out on the net. Thanks in advance, Dallam

On 29 Jun 2001, at 18:44, twowitchesinthelight@btintern wrote: Hi First, question do you want to have remote access to your PC? IF not the settings are OK
Hi All, Another newbie question. I edited my inetd.conf and commented out ftp, telnet, shell, login, pop3, finger and swat and rebooted. Everything seems to work ok. nmap -sT -v my ip shows these
In addition try to edit the startup script. Try yast --> admin.. --> Konfiguration... Press F4 and Search vor all things you start in here. "START" Set all those START.... settings to "no"
22 ssh 37 time 111 sunrpc 515 printer 1024 kdm 6000 X11
The other services you didn't find in there you have to bind to 127.0.0.1 But therefor I think you have to search the web for some HOWTO's
nmap -sU my ip shows these 37 time 111 sunrpc 517 talk 518 ntalk
Questions are these. First, is what I commented out ok? secondly, is it safe to comment out talk, ntalk, and time in inetd.conf as well? Secondly...how about ssh,sunrpc,printer and X11? Is it safe and where do I shut them down at? If you could just give me a site that would explain this to me I would be very grateful. As I said, I am new and just don't want to make any mistakes configuring or to take an unsecured machine out on the net. Thanks in advance, Dallam
DL
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com

* twowitchesinthelight@btinternet.com wrote on Fri, Jun 29, 2001 at 18:44 +0000:
Another newbie question. I edited my inetd.conf and commented out ftp, telnet, shell, login, pop3, finger and swat and rebooted. Everything seems to work ok.
Reboot isn't really necessary. killall -HUP inetd oder rcinetd reload / rcinited restart would be enough.
nmap -sT -v my ip shows these 22 ssh 37 time
Do you use it? If not, disable.
111 sunrpc
Needed? If not, disable. If yes, block by firewall for "outside".
515 printer
Block for non-locals too
1024 kdm
Has a port? Block it by firewall...
6000 X11
block it by firewall, use SSH X-Forwarding (port 22) instead, this is automatic and more secure :)
nmap -sU my ip shows these 37 time 111 sunrpc 517 talk 518 ntalk
block if not needed.
Questions are these. First, is what I commented out ok?
As long as you have SSH you can always change it back if desired :)
secondly, is it safe to comment out talk, ntalk, and time in inetd.conf as well?
Usually yes. On productive servers I turn them off. There are chats which are more comfortable than talk :) I use xntpd for syncing time.
Secondly...how about ssh,sunrpc,printer and X11? Is it safe and where do I shut them down at?
printer is printer of course :) But if you will not print from or via that machine, turn lpd off (in rc.config, and rclpd stop). SSH is secure shell, I would let it active, but if you use that hosts only from local console you may turn it off, too. X11? Well, at least I would block it, but important machines shoudn't run X usually. X is nice for workstations. So it depends.
to make any mistakes configuring or to take an unsecured machine out on the net.
:) The just turn off as long as you can work (if you have console access). If sometime stops working, read about the just terminated think (man page and so on). oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (3)
-
d_lord@gmx.de
-
Steffen Dettmer
-
twowitchesinthelight@btinternet.com