From: "john" <john@jmtl.com>
Date: Fri, 22 Dec 2000 01:07:13 -0000
Message-ID: <LPBBKPAICKJBFIBNNPJEGEGBDBAA.john@jmtl.com>
Subject: RE: [SLE] Closing Open Ports ?

lsof is a very powerful tool for looking up things that are open. For example:

  # lsof | egrep "TCP|UDP"

In your case:

  # lsof | egrep "111|931|934|939"

I can tell you straight off that 111 will be the portmap process. Portmap plays a very important role in RPC process inter communication. I would not recommend disabling it without first of all checking what you are running that needs RPC. For this use:

  # rpcinfo -p

If you are concerned about access to this port then read the portmap man page and look at the section that talks about the use of the /etc/hosts.{allow,deny} files. BTW, if that looks odd to you, try ls'ing it - it's a useful syntax for wildcarding filenames :)

If you're not running any firewall options then I'd recommend pmFirewall from:

  http://www.pointman.org

It's close to being the first idiot proof firewall config tool I've come across -- just perfect for me :-)

John

-----Original Message-----
From: Dee McKinney [mailto:dmckinney@akfiberstar.com]
Sent: 18 December 2000 20:04
To: 'suse-linux-e@suse.com'
Cc: 'brosenb@suse.com'
Subject: RE: [SLE] Closing Open Ports ?

Ben,

No matter what I do though these ports are still showing up ?

  Port       State       Service
  111/tcp    open        sunrpc
  931/tcp    open        unknown
  934/tcp    open        unknown
  939/tcp    open        unknown

Is this something that can be dealt with locally ?

/Dee

-----Original Message-----
From: Ben Rosenberg [mailto:brosenb@suse.com]
Sent: Sunday, December 17, 2000 10:05 PM
To: SuSE Linux English
Subject: Re: [SLE] Closing Open Ports ?

Greg,

/etc/services is just a list of ports associated with services. If one wants to close the ports then you would have to comment out the line associated with them in the inetd.conf file and restart inetd. This is a basic Unix/Linux thing .. it works this way on my Solaris (sparc) box, SuSE Linux box and my FreeBSD box.. It's inetd that controls these things..not /etc/services.

Regards,

* Greg Thomas (ethant@pacificnet.net) [001217 22:11]:
-**-
-**-Yes, but once you kill the process associated with the port, if it is
-**-commented out of /etc/services the daemon should not start up
-**-the next time init scripts are run. This is an indirect way of
-**-doing things, though. Haven't checked this on Linux but Solaris,
-**-HP-UX, and OpenBSD behave this way.
-**-
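
Added example, not part of any message in this thread: a shell sketch of the check John describes, matching the scanned ports (111, 931, 934, 939) against `rpcinfo -p` output to see which are RPC registrations and which need an inetd.conf or lsof lookup instead. The function names are hypothetical, and the sample table is constructed; what 931, 934 and 939 map to on a real host must come from running `rpcinfo -p` there.

```shell
#!/bin/sh
# Constructed sample in `rpcinfo -p` format (illustrative, not from the thread).
SAMPLE_RPCINFO='   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp    929  status
    100024    1   tcp    931  status
    100004    2   udp    932  ypserv
    100004    2   tcp    934  ypserv
    100004    1   tcp    934  ypserv
    100007    2   udp    936  ypbind
    100007    2   tcp    939  ypbind'

# rpc_owner PORT [PROTO]: reads `rpcinfo -p` output on stdin and prints
# "program service" once per RPC program registered on that port.
# Exit status 1 means nothing is registered there.
rpc_owner() {
    awk -v port="$1" -v proto="${2:-tcp}" '
        NR == 1 && $1 == "program" { next }        # skip the header row
        $3 == proto && $4 == port {
            name = ($5 != "" ? $5 : "unnamed")      # service column can be empty
            key = $1 " " name
            if (!(key in seen)) { seen[key] = 1; print key; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    '
}

# classify_ports RPCINFO_TEXT PORT...: one verdict line per TCP port.
classify_ports() {
    table=$1; shift
    for p in "$@"; do
        if owner=$(printf '%s\n' "$table" | rpc_owner "$p" tcp); then
            printf '%s/tcp rpc %s\n' "$p" "$owner"
        else
            # Not an RPC registration: look at inetd.conf or the owning process.
            printf '%s/tcp not-rpc (check inetd.conf or lsof -i TCP:%s)\n' "$p" "$p"
        fi
    done
}

# On a live host: classify_ports "$(rpcinfo -p)" 111 931 934 939
classify_ports "$SAMPLE_RPCINFO" 111 931 934 939 23
```

Ports reported as `rpc` are started by RPC services registered with portmap, so commenting lines out of inetd.conf will not close them; the owning service has to be stopped or restricted through the /etc/hosts.{allow,deny} files.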