On Thu, 22 Nov 2001, Ray Dillinger wrote:
When I run nmap against my system, it says something called "auth" is running on port 113. But there is no man page for auth. What is it? What will quit working if I shut it down?
It's the ident service. Its not needed anymore these days, although some mail-servers still try to gather information from it. If you disable it, and make your firewall make answering with RST to SYN's to this port, everything should be fine.
In inetd.conf, there were several services -- such as a "time" daemon with both UDP and TCP sockets, that had no explanation. I shut them down and nothing seems to have broken.
The documentation for sunrpc, which binds port 111, does not say what it's used for in a SuSE install. Clearly, there could be important stuff depending on it. How can I tell whether there actually is? Just shut it down and see what breaks? Aargh!
Thinks like NFS need it to work. In general any RPC service. Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@suse.de - SuSE Security Team ~