On Tue, Dec 04, 2001 at 09:18:09PM +0100, J. Paul Bruns-Bielkowicz wrote:
> Hi,
> I disabled all but a few ports in /etc/services, but I have
> tcp 0 0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064
> ESTABLISHED

Well, you're not actually DISABLING anything in /etc/services. That file is just a list of known port-numbers. However, some services will be configured to use the names instead of the port-numbers when deciding which port to use. As it can't find it in /etc/services, it can't start. But, it's the wrong way to do it.

> when I netstat my machine. What exactly does this mean? I just want
> 25/tcp open smtp
> 37/tcp open time
> 66/tcp open sql*net
> 80/tcp open http
> 110/tcp open pop-3
> 443/tcp open https
> 3306/tcp open mysql
> open. How can I close ports 111 and 859? They are not enabled in
> /etc/services
> Thanks,
> J. Paul Bruns-Bielkowicz
> http://www.america.prv.pl
>

Look in /etc/inetd.conf. It's there that you have to close a bunch of services. inetd is sort of a super-daemon that listens on a lot of ports and starts a program that gets the connection after it's established.

Then, look in /etc/inittab. There, you will have a line that looks like this:

id:2:initdefault:

This line says what RUNLEVEL your machine will start in. If your machine has a 2 there, go to /etc/rc2.d and list the catalog. The process "init", which is the mother of ALL other processes, will use the symbolic links there to say which services to start and which to stop in that runlevel. Take note: Not all of them *are* services, some things are programs that should be run at boot time, and some are simply local daemons. syslog, for example, you do not want to stop.

The symbolic links that start with an S will be run with a "start" argument, those with a K will be run with a "stop" argument. Thus, to keep a service from starting in that runlevel, remove the S-script from the catalog. You only remove the symbolic link, the real script lies in /etc/init.d - thus if you want to add it again, just reinstate the symbolic link. Just note the way the files are made up.

Another, less drastic way to remove services, is to just mv the files, that is, rename them. It's enough to change S to s and K to k, then it will not be run.

But as I said, you should not just go ahead and remove things there without knowing what they are. They could even be vital for the functionality of the machine. So, just look at the scripts and try to understand what service they start. And if they start no service, leave it there if unsure.

What I'm trying to say, is that some learning and understanding is definitely needed here. Study the files I've mentioned, and if you learn it, you will have learnt something extremely important.

-- 
- Vegard Engen, member of the first RFC1149 implementation team.
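
The checks described in the reply above (enabled lines in /etc/inetd.conf, the default runlevel in /etc/inittab, the S links in /etc/rcN.d, and the S-to-s rename), as an added shell example that is not part of the original message. The root-prefix argument, the function names and the sample tree are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original message). The first argument of each
# function is a hypothetical root prefix: "" audits the live system, a
# temporary directory audits a copy or the constructed sample tree below.

# Default runlevel from the "id:N:initdefault:" line in /etc/inittab.
default_runlevel() {
    awk -F: '!/^#/ && $3 == "initdefault" { print $2; exit }' "$1/etc/inittab"
}

# Services inetd will answer for: every non-comment line in inetd.conf.
inetd_enabled() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 "/" $3 }' "$1/etc/inetd.conf"
}

# Start links for a runlevel and the init.d script each one points at.
list_started() {
    for link in "$1/etc/rc$2.d"/S*; do
        [ -L "$link" ] || continue
        printf '%s -> %s\n' "${link##*/}" "$(readlink "$link")"
    done
}

# Disable a service in one runlevel by renaming S??name to s??name.
# The script in init.d is untouched, so renaming back re-enables it.
disable_service() {
    status=1
    for link in "$1/etc/rc$2.d"/S[0-9][0-9]"$3"; do
        [ -L "$link" ] || continue
        mv "$link" "${link%/*}/s${link##*/S}" && status=0
    done
    return $status
}

# Constructed sample tree (all names made up) for trying the functions safely.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc/init.d" "$t/etc/rc2.d"
    printf '# default runlevel\nid:2:initdefault:\n' > "$t/etc/inittab"
    printf '#finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd\n' > "$t/etc/inetd.conf"
    printf 'time stream tcp nowait root internal\n' >> "$t/etc/inetd.conf"
    for s in sysklogd portmap; do : > "$t/etc/init.d/$s"; done
    ln -s ../init.d/sysklogd "$t/etc/rc2.d/S10sysklogd"
    ln -s ../init.d/portmap "$t/etc/rc2.d/S18portmap"
    echo "$t"
}
```

Source the file and run `list_started "" "$(default_runlevel "")"` to see what the live system starts; compare the result with `netstat` output after a reboot to confirm a renamed link no longer opens its port.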