Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Closing out ports???
Special Forums IP Networking Closing out ports??? Post 28534 by s93366 on Thursday 19th of September 2002 03:55:06 PM
Old 09-19-2002
Hi..

First of all.. Don't remove stuff from /etc/services.. thats not the
way to go!!!! If you have a backup of the original services file
i suggest you replace the one you modified with the orginal.. or simply copy it from
another box running the same OS and version...

Please tell me what os you are running ! That really helps..
To check for open ports try: netstat -a |grep LISTEN (should work
on most unixes)

you should check the /etc/inetd.conf
for services and comment them out.. example:

pop3 stream tcp nowait root /usr/sbin/popa3d popa3d

line in /etc/inetd.conf will enable POP3 mail services..
just comment it out to disable it with a
# sign in front like this!

#pop3 stream tcp nowait root /usr/sbin/popa3d popa3d

then find out the pid of inetd and run kill -HUP <PID_OF_INETD_HERE> or simply reboot the server...

You should also check your startup files för services (depends on OS and init type where to find them.. please tell me what os you are running. This could be done with the command: uname -a)

You could also checkout if there is a free firewall available for your unix/linux if you want more control of what to let in and out of a server.

Hope this helps some..

/Peter C
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

closing open ports

/* Linux Slackware */ Nmap shows the following ports open on the gateway. 21/tcp ftp 22/tcp ssh 23/tcp telnet 25/tcp smtp 37/tcp time 80/tcp http 113/tcp auth 515/tcp printer 587/tcp submission 1024/tcp kdm 6000/tcp x11 ------------------------------- i would like to close as... (10 Replies)
Discussion started by: LowOrderBit
10 Replies

2. Cybersecurity

firewall vs. closing ports

This may be kind of a stupid question, but here goes: Say I'm running a FreeBSD webserver (w/apache). I've managed to close ALL open ports (including SSH/telnet and portmapper), excepting '80' that apache is listening on. A netstat -a shows me nothing open. Discounting DoS/DDoS or holes in... (7 Replies)
Discussion started by: adam_crosby
7 Replies

3. Post Here to Contact Site Administrators and Moderators

Closing a thread

hi, Just wondering if there could be a way to close threads whose creator has got the desired reply. however if someone still wants to give a remark or suggest further on the thread one can still do so. Besides on the control panel there should be some kind of selection criteria to view... (3 Replies)
Discussion started by: linuxpenguin
3 Replies

4. Shell Programming and Scripting

closing windows

Ok i know to open a window from a script (mac); open whatever(name of a directory) but i don't how to close it. please some help. thanks. (0 Replies)
Discussion started by: Tártaro
0 Replies

5. IP Networking

Closing the socket

Hi, I have a question on closing the listen socket in server. In the application I am working, the server is continously receiving requests from the client in its master socket to handle each request. There is an option to shutdown the server process. In this case do I need to explicitly close... (1 Reply)
Discussion started by: naan
1 Replies

6. Post Here to Contact Site Administrators and Moderators

Thread Closing

Not sure as to How to close a thread so people understand that the issue was solved and the issue is not just sitting in limbo still waiting for a resolution. (1 Reply)
Discussion started by: mrmurdock
1 Replies

7. Shell Programming and Scripting

closing unwanted open ports using scripts

i have a text file i.e file1.txt which shows open ports on particular system. i have another text file i.e file2.txt which shows a list of allowed ports on a system. for eg: file2.txt 22/tcp ssh 23/tcp telnet. can i have a script which would compare these text files ,file1 and file2 ... (1 Reply)
Discussion started by: anand121
1 Replies

8. What is on Your Mind?

AllTheWeb closing

It was officially announced that AllTheWeb is closing. Yahoo! no longer supports the function as per april 2011: AlltheWeb.com Before the world turned to google by default, there used to be a plethora of search engines. Most of them gave a headache with the prolific use of colors and animated gifs... (4 Replies)
Discussion started by: figaro
4 Replies

9. Post Here to Contact Site Administrators and Moderators

Closing thread

Hi, I guess, users do not have rights to close a thread. Please close thread 'Small automation' as it is resolved. Regards, snjksh (1 Reply)
Discussion started by: snjksh
1 Replies

LEARN ABOUT CENTOS

sserver

SSERVER(8)							   MIT Kerberos 							SSERVER(8)

NAME

       sserver - sample Kerberos version 5 server

SYNOPSIS

       sserver [ -p port ] [ -S keytab ] [ server_port ]

DESCRIPTION

       sserver	and  sclient(1)  are  a  simple demonstration client/server application.  When sclient connects to sserver, it performs a Kerberos
       authentication, and then sserver returns to sclient the Kerberos principal which was used for the Kerberos authentication.  It makes a good
       test that Kerberos has been successfully installed on a machine.

       The  service  name  used  by  sserver and sclient is sample.  Hence, sserver will require that there be a keytab entry for the service sam-
       ple/hostname.domain.name@REALM.NAME.  This keytab is generated using the kadmin(1) program.   The  keytab  file	is  usually  installed	as
       FILE:/etc/krb5.keytab.

       The -S option allows for a different keytab than the default.

       sserver is normally invoked out of inetd(8), using a line in /etc/inetd.conf that looks like this:

	      sample stream tcp nowait root /usr/local/sbin/sserver sserver

       Since sample is normally not a port defined in /etc/services, you will usually have to add a line to /etc/services which looks like this:

	      sample	      13135/tcp

       When  using  sclient,  you will first have to have an entry in the Kerberos database, by using kadmin(1), and then you have to get Kerberos
       tickets, by using kinit(1).  Also, if you are running the sclient program on a different host than the sserver it will be connecting to, be
       sure that both hosts have an entry in /etc/services for the sample tcp port, and that the same port number is in both files.

       When you run sclient you should see something like this:

	      sendauth succeeded, reply is:
	      reply len 32, contents:
	      You are nlgilman@JIMI.MIT.EDU

COMMON ERROR MESSAGES

       1. kinit returns the error:

		 kinit: Client not found in Kerberos database while getting
		     initial credentials

	  This means that you didn't create an entry for your username in the Kerberos database.

       2. sclient returns the error:

		 unknown service sample/tcp; check /etc/services

	  This means that you don't have an entry in /etc/services for the sample tcp port.

       3. sclient returns the error:

		 connect: Connection refused

	  This probably means you didn't edit /etc/inetd.conf correctly, or you didn't restart inetd after editing inetd.conf.

       4. sclient returns the error:

		 sclient: Server not found in Kerberos database while using
		     sendauth

	  This	means that the sample/hostname@LOCAL.REALM service was not defined in the Kerberos database; it should be created using kadmin(1),
	  and a keytab file needs to be generated to make the key for that service principal available for sclient.

       5. sclient returns the error:

		 sendauth rejected, error reply is:
		     "No such file or directory"

	  This probably means sserver couldn't find the keytab file.  It was probably not installed in the proper directory.

SEE ALSO

       sclient(1), services(5), inetd(8)

AUTHOR

       MIT

COPYRIGHT

       1985-2013, MIT

1.11.3																	SSERVER(8)
All times are GMT -4. The time now is 11:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy