-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 J. Paul Bruns-Bielkowick:
Port 111 is sunrpc. I forgot the exact name of the package that leaves this open (perhaps someone else can recall it). If you type 'netstat -p' (as root) you will see which programs have which ports open. For the quick fix, just kill the PID, but it will come back on the next reboot. For the real fix you need to a: disable the startup of the program in /etc/rc2.d OR uninstall the package which contains sunrpc. You may also wish to look into ipchains/iptables to restrict the use of some of your other services. If you do this, the best policy as mentioned several times today is block ALL traffic and allow the traffic you want specifically. Good luck, Phil -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8DVbaS3Jybf3L5MQRAlYfAJ9vfNk2OJ3sUb04CClDF2eZi7NDWACffpr1 pPMFEcLO+ODLe54j+4fFsIY= =XBbl -----END PGP SIGNATURE----- ----- Original Message ----- From: J. Paul Bruns-Bielkowicz <[EMAIL PROTECTED]> To: <debian-security@lists.debian.org> Sent: Tuesday, December 04, 2001 3:18 PM Subject: How do I disable (close) ports? > Hi, > I disabled all but a few ports in /etc/services, but I have > tcp 0 0 pa237.olsztyn.sdi.t:111 80.116.215.37:1064 > ESTABLISHED > when I netstat my machine. What exactly does this mean? I just want > 25/tcp open smtp > 37/tcp open time > 66/tcp open sql*net > 80/tcp open http > 110/tcp open pop-3 > 443/tcp open https > 3306/tcp open mysql > open. How can I close ports 111 and 859? They are not enabled in > /etc/services > Thanks, > J. Paul Bruns-Bielkowicz > http://www.america.prv.pl > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
