port 111


 
Thread Tools Search this Thread
Special Forums Cybersecurity port 111
# 1  
Old 04-11-2002
port 111

hi

if i do a portscan on my fbsd box, i got one port that i don't want to see it open
that's port 111, sunrpc, how can i close it?
and also my-sql port 1433 and port 1523 (cichild-lm)

tnx for your help!!
# 2  
Old 04-12-2002
Check the man page for services and inetd.conf - (works on SUN)
Hopefully yours are the same - you can then comment out the ones you don't want.
thehoghunter
# 3  
Old 04-12-2002
On FreeBSD, you should check your /etc/inetd.conf file to make sure that all the services you don't want has a # at the front of the line.
Then, edit the /etc/rc.conf and let (I think) portmap=NO

Actually, I have an OpenBSD box that I don't run any services but sshd - I have disabled both portmap and inetd.

The easiest way to clear this up may be to reboot, unless you want to try to kill everything thats running that you just turned off.

Check again to see what ports are open, and keep adjusting and researching until it's how you want it!

Also, you figure out what process is opening port 1433 and 1533 for sure is to use "lsof", a wonderful free tool that may already be installed on your system.
# 4  
Old 04-14-2002
You must create a firewall configuration file. Check the one which FBSD already uses as sample, /etc/rc.firewall, adjust it to your needs, and enable the firewall at boot time [add two lines: firewall_enable="YES" and firewall_type="SIMPLE" in /etc/rc.conf, start the firewall using this line at runtime:# sh /etc/rc.firewall, and you're finished. But be careful, you should have the console close, especially if you made a mistake somewhere...
# 5  
Old 04-17-2002
Why do you need a firewall if you close the ports? You can't attack a port that isn't open...
# 6  
Old 04-18-2002
Yes, that's true, but a firewall can drop a packet, while a closed port usually returns "icmp port unreachable", and is harder to fingerprint the OS on the machine
# 7  
Old 04-18-2002
A firewall is yet another item that can be not only fingerprinted, but exploited and bypassed, only to hit that much harder on admins lulled into a false sense of security...

For example, look at the recent developments with fragroute vs. snort. It can be used to perform very common attacks right under snort's nose without even a whimper... I realize that snort is probably not what you had in mind, but I am willing to bet this becomes a very widely used attack tool to bypass both IDS and firewalls completely, until a better solution is attained.
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. Solaris

How to find port number wwn of particular port on dual port HBA,?

please find the below o/p for your reference bash-3.00# fcinfo hba-port HBA Port WWN: 21000024ff295a34 OS Device Name: /dev/cfg/c2 Manufacturer: QLogic Corp. Model: 375-3356-02 Firmware Version: 05.03.02 FCode/BIOS Version: BIOS: 2.02; fcode: 2.01;... (3 Replies)
Discussion started by: sb200
3 Replies

2. Solaris

Cabling and adapters to communicate to service processor serial port from Windows PC with USB port.

Hello, I have an unloaded T5140 machine and want to access the ILOM for the first time and subsequently the network port after that., and then load Solaris 10 the final January 2011 build. The first part is what confuses me -the cabling. I am coming from a Windows machine (w/appropriate... (5 Replies)
Discussion started by: joboy
5 Replies

3. Solaris

How to enable Serial port on ILOM, when Network Port is enabled in parallel

Hi Everyone, In my environment, I have few T5220. On the iLOM Management Card, I have both Network and Serial port are cabled, I don't have any issues while I try to connect using Network Management port, but when I try to connect the serial port for the same server which is actually connected... (3 Replies)
Discussion started by: bobby320
3 Replies

4. Filesystems, Disks and Memory

Sparc11 or 111?

How can I check the architecture version on a sun box? So far I've tried; arch -k which gives sun4u and uname -a which gives SunOS <hostname> 5.8 Generic_108528-22 sun4u sparc SUNW,Ultra-4 but nothing which definitively states sparc11 or 111 - any ideas? (2 Replies)
Discussion started by: mattd
2 Replies

5. UNIX for Dummies Questions & Answers

111.22.31.123:1554, port 1554 defined where?

hi, given this 111.22.31.123:1554, isnt this 1554 defined in /etc/services? i am on aix. and this 1554 is a port? thanks (7 Replies)
Discussion started by: yls177
7 Replies
Login or Register to Ask a Question