On Tue, Feb 20, 2007 at 06:47:41PM -0800, Bray Mailloux wrote:
> I ran an nmap -sS localhost which output
>
> port     state  service
> 13/tcp   open   daytime
> 22/tcp   open   ssh
> 25/tcp   open   smtp
> 37/tcp   open   time
> 53/tcp   open   domain
> 113/tcp  open   auth
> 587/tcp  open   submission
>
> This BSD box will be serving solely as a router so few of the above
> services are needed (submission, auth, domain, smtp). How do I begin
> closing down these services?

You do need smtp and submission unless you are very aware of why I say
that and are confident you do not (hint: local mail delivery is
triggered by lots of stuff).

daytime doesn't hurt, but can be turned off by stopping inetd or editing
/etc/inetd.conf; time is basically the same. Both may be useful for
testing.

auth can be turned off in the same way if you don't plan on sending any
outgoing mail.

I must admit to not being aware of what would be running on 53/tcp.
netstat is your friend (for that matter, why use nmap instead?).

Just filtering aggressively using pf works as well, of course.

Joachim
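
The /etc/inetd.conf edit described in the reply above, as an added example that is not part of the original thread: it comments out the daytime, time and auth entries in a constructed sample file and lists what inetd would still start. The function names, the sample contents and the entry name `ident` for port 113 are assumptions.

```shell
#!/bin/sh
# Added example; works on a constructed sample, never on the live /etc/inetd.conf.

# disable_inetd_services FILE SERVICE...
# Print FILE with every active entry for the named services commented out,
# whatever its socket type or protocol (tcp and udp entries are both caught).
disable_inetd_services() {
    conf=$1; shift
    awk -v list="$*" '
        BEGIN { n = split(list, s, " "); for (i = 1; i <= n; i++) off[s[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { print; next }   # keep comments and blank lines
        {
            name = $1
            sub(/^.*:/, "", name)               # drop an optional "address:" prefix
            if (name in off) print "#" $0; else print
        }
    ' "$conf"
}

# enabled_inetd_services FILE
# List "service/proto" for every entry that is still active in FILE.
enabled_inetd_services() {
    awk '!/^[ \t]*#/ && NF >= 6 { n = $1; sub(/^.*:/, "", n); print n "/" $3 }' "$1" |
        sort -u
}

# Constructed sample in inetd.conf syntax (assumed contents, not a real system file).
sample=$(mktemp) && hardened=$(mktemp) || exit 1
cat > "$sample" <<'EOF'
# constructed sample
ident            stream tcp nowait _identd /usr/libexec/identd identd -el
127.0.0.1:comsat dgram  udp wait   root    /usr/libexec/comsat comsat
daytime          stream tcp nowait root    internal
daytime          dgram  udp wait   root    internal
time             stream tcp nowait root    internal
time             dgram  udp wait   root    internal
EOF

# Review the result before installing it in place of the real file.
disable_inetd_services "$sample" daytime time ident > "$hardened"
enabled_inetd_services "$hardened"      # prints: comsat/udp
```

inetd only re-reads its configuration on SIGHUP or restart, so the listeners stay open until then; confirm afterwards with netstat as the reply suggests.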