Click to See Complete Forum and Search --> : slackware question
mandreko
12-26-2000, 10:09 PM
i've never used slackware, but i encountered a slackware server i was working on. It has tons of open ports. I commented out all the ones i could in the /etc/inetd.conf file, and restarted inetd. that didn't help, so i even rebooted the computer.
still, all those ports are open... anythin i can do to close them off? it's not even close to any other distro i've used...
iDxMan
12-26-2000, 10:30 PM
What ports?
If the services were not started by inetd, then you might want to check in /etc/rc.d/rc.inet2
Then again, it depends on what is open. (ex: rc.M starts sendmail)
-r
wmHardRock
12-26-2000, 10:33 PM
If that server needs to be secure use OpenBSD; there are no known security flaws in the standard install. Else, I don't know.
*Lo*Tek*
12-26-2000, 11:02 PM
Originally posted by mandreko:
i've never used slackware, but i encountered a slackware server i was working on. It has tons of open ports. I commented out all the ones i could in the /etc/inetd.conf file, and restarted inetd. that didn't help, so i even rebooted the computer.
still, all those ports are open... anythin i can do to close them off? it's not even close to any other distro i've used...
gee, I encounter that same problem in my Linux box, although it uses Mandrake 7.1...
I've already edited the inetd.conf so that the service that is left uncommented is auth, but still, when i do a portscan on my Linux box, it still reveals that several ports are still open...
as far as i know, there is a file similar to inetd.conf that lists the services and the port numbers assigned to these services... from there, i could comment out the service and port number assiged, therefore blocking any access to that port... my problem is i can't remember the name and location of the darned file...
could somebody refesh my memory about that?
Inferno
12-26-2000, 11:21 PM
Are you running Portsentry?
mandreko
12-26-2000, 11:25 PM
not running portsentry, but i'll try the files in the rc.d folder... it's just a bit different than my redhat 6.2 box http://www.linuxnewbie.org/ubb/smile.gif
tko fx
12-27-2000, 02:24 AM
LoTek, you execute 'killall -HUP inetd'
just a quick question, cause if you haven't that's the problem, past that setup an ipchains ruleset to close the remaining ports or use portsentry to monitor them.
crohozen
12-29-2000, 06:46 PM
Are you scanning the machine locally or are you scanning the machine from another machine? I believe you get different results from each ... and Im sure it matters more whats open from a different machine
------------------
I wish I was a penguin!!
mandreko
12-29-2000, 08:19 PM
i tried both ways and got the exact same results