File: 41.html

package info (click to toggle)
lg-issue50 2-1
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 1,880 kB
  • ctags: 157
  • sloc: sh: 47; makefile: 34; perl: 23
file content (221 lines) | stat: -rw-r--r-- 8,795 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
 
<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<META NAME="generator" CONTENT="lgazmail v1.3B.f">
<TITLE>The Answer Guy 50: Closing Ports, Disabling Unwanted Services</TITLE>
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
	LINK="#3366FF" VLINK="#A000A0">
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<H4>"The Linux Gazette...<I>making Linux just a little more fun!</I>"</H4>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<center>
<H1><A NAME="answer">
	<img src="../../gx/dennis/qbubble.gif" alt="(?)" 
		border="0" align="middle">
	<font color="#B03060">The Answer Guy</font>
	<img src="../../gx/dennis/bbubble.gif" alt="(!)" 
		border="0" align="middle">
</A></H1> 
<BR>
<H4>By James T. Dennis,
	<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a><BR>
	LinuxCare,
	<A HREF="http://www.linuxcare.com/">http://www.linuxcare.com/</A> 
</H4>
</center>

<p><hr><p>
<!--  endcut ======================================================= -->
<!-- begin 41 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif" 
	height="50" width="60" alt="(?) " border="0"
	>Closing Ports, Disabling Unwanted Services</H3>


<p><strong>From Troy Miller on Tue, 18 Jan 2000  
</strong></p>
<!-- ::
Closing Ports, Disabling Unwanted Services
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:: -->
<P><STRONG>
I'm new to Linux and I'm trying to secure my PC.  I have a DSL line and I
found out I have 4 open ports (FTP, Finger, Telnet and SMTP).  I'm trying to
find a resource on how to close these ports.  I do not plan to use them at
this time.  I don't want to compromise my system.
</STRONG></P>
<P><STRONG>
Thanks,
<br>Troy
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
	HEIGHT="28" WIDTH="50" BORDER="0"
	>
Bravo!  You are doing the right thing.
</BLOCKQUOTE>
<BLOCKQUOTE>
Three of the services you mention are usually launched
dynamically by inetd.  So you can disable them by
editing your <TT>/etc/inetd.conf</TT> file, find these services
by name, and commenting them out of the file (inserting
a "<tt>#</tt>" (hash/pound sign) at the beginning of those lines).
After that you can send a HUP signal to inetd to force it
to re-initialize itself.  You can use the following command
to do that:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQUOTE><CODE>
kill -HUP $(cat <TT>/var/run/inetd.pid</TT>)
</CODE></BLOCKQUOTE></BLOCKQUOTE>
<BLOCKQUOTE>
Of course, in this case you aren't running ANY other
inetd services so you can even just kill you inetd process
using a command like:
</BLOCKQUOTE>
<BLOCKQUOTE><BlockQuote><Code>
/etc/rc.d/init.d/inetd stop
</Code></BlockQuote></BLOCKQUOTE>
<BLOCKQUOTE>
... or something like that.  (The exact path to your
<TT>/etc/.../init.d</TT> scripts might differ depending on
your distribution).
</BLOCKQUOTE>
<BLOCKQUOTE>
You can also find an remove the <tt>rcX.d</tt> scripts that
start inetd during boot if you like.  Your system
might have a '<tt>chkconfig</tt>' command to manage those
SysV init symlinks for you, or you can use the
technique that I've described here before
(create <TT>/etc/.../rc*.d/disabled</TT> directories, and
move the S??... symlinks into those as appropriate).
</BLOCKQUOTE>
<BLOCKQUOTE>
Search the back issues for "sysv init" to hear the
long-winded discussion of how all of that works.
</BLOCKQUOTE>
<BLOCKQUOTE>
That leaves the SMTP service.  That is probably being
provided by sendmail, which is probably being loaded
"standalone" (not dynamically through inetd).  So you
also want to find the <TT>/etc/.../rcX.d/S*</TT> script that's
starting sendmail and disable that.
</BLOCKQUOTE>
<BLOCKQUOTE>
After you've done that you'll have a machine that
doesn't provide any network services to anyone.
</BLOCKQUOTE>
<BLOCKQUOTE>
You can double check that using a command like:
</BLOCKQUOTE>
<BLOCKQUOTE><BLOCKQUOTE><CODE>
netstat --inet -an
</CODE></BLOCKQUOTE></BLOCKQUOTE>
<BLOCKQUOTE>
... and looking for anything that's in the LISTEN
state.  You can also check it using a port scanner
like nmap from another system.  (I'm guessing that
you've already been playing with one of those,
to get the information on which you've based this
question).
</BLOCKQUOTE>

<!-- sig -->
<!-- end 41 -->
<!--startcut ======================================================= -->
<P> <hr> <P>
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
	>Copyright &copy;</a> 2000, James T. Dennis 
<BR>Published in <I>The Linux Gazette</I> Issue 50 February 2000</H5>
<H6 ALIGN="center">HTML transformation  by
	<A HREF="mailto:star@starshine.org">Heather Stern</a> of
	Starshine Technical Services,
	<A HREF="http://www.starshine.org/">http://www.starshine.org/</A> 
</H6>
<P> <hr> <P>
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
<TABLE WIDTH="95%"><TR VALIGN="center" ALIGN="center">
<TD colspan="2" rowspan="2"><A 
	HREF="../lg_answer50.html"
	><IMG SRC="../../gx/dennis/answernew.gif"
              ALT="[ Answer Guy Current Index ]"></A>
<TD colspan="2" rowspan="2"><A 
	HREF="../../tag/kb.html"
	><IMG SRC="../../gx/dennis/answertoc.gif"
              ALT="[ Index of Past Answers ]"></A></td>
  <TD WIDTH="11%"><A HREF="../lg_answer50.html#greeting"><img
	src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A></TD>
  <TD WIDTH="11%"><A HREF="1.html">1</A></TD>
  <TD WIDTH="11%"><A HREF="2.html">2</A></TD>
  <TD WIDTH="11%"><A HREF="3.html">3</A></TD>
  <TD WIDTH="11%"><A HREF="4.html">5</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="11%"><A HREF="5.html">5</A></TD>
  <TD WIDTH="11%"><A HREF="6.html">6</A></TD>
  <TD WIDTH="11%"><A HREF="7.html">7</A></TD>
  <TD WIDTH="11%"><A HREF="8.html">8</A></TD>
  <TD WIDTH="11%"><A HREF="9.html">9</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="10%"><A HREF="10.html">10</A></TD>
  <TD WIDTH="10%"><A HREF="11.html">11</A></TD>
  <TD WIDTH="10%">&nbsp;</TD>
  <TD WIDTH="10%"><A HREF="13.html">13</A></TD>
  <TD WIDTH="11%"><A HREF="14.html">14</A></TD>
  <TD WIDTH="11%"><A HREF="15.html">15</A></TD>
  <TD WIDTH="11%"><A HREF="16.html">16</A></TD>
  <TD WIDTH="11%"><A HREF="17.html">17</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="10%"><A HREF="18.html">18</A></TD>
  <TD WIDTH="10%"><A HREF="19.html">19</A></TD>
  <TD WIDTH="10%"><A HREF="20.html">20</A></TD>
  <TD WIDTH="10%"><A HREF="21.html">21</A></TD>
  <TD WIDTH="11%"><A HREF="22.html">22</A></TD>
  <TD WIDTH="11%"><A HREF="23.html">23</A></TD>
  <TD WIDTH="11%"><A HREF="24.html">24</A></TD>
  <TD WIDTH="11%">&nbsp;</TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="10%"><A HREF="26.html">26</A></TD>
  <TD WIDTH="10%"><A HREF="27.html">27</A></TD>
  <TD WIDTH="10%"><A HREF="28.html">28</A></TD>
  <TD WIDTH="10%"><A HREF="29.html">29</A></TD>
  <TD WIDTH="11%"><A HREF="30.html">30</A></TD>
  <TD WIDTH="11%"><A HREF="31.html">31</A></TD>
  <TD WIDTH="11%"><A HREF="32.html">32</A></TD>
  <TD WIDTH="11%"><A HREF="33.html">33</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="10%"><A HREF="34.html">34</A></TD>
  <TD WIDTH="10%">&nbsp;</TD>
  <TD WIDTH="10%"><A HREF="36.html">36</A></TD>
  <TD WIDTH="10%"><A HREF="37.html">37</A></TD>
  <TD WIDTH="11%"><A HREF="38.html">38</A></TD>
  <TD WIDTH="11%"><A HREF="39.html">39</A></TD>
  <TD WIDTH="11%"><A HREF="40.html">42</A></TD>
  <TD WIDTH="11%"><A HREF="41.html">41</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
  <TD WIDTH="10%"><A HREF="42.html">42</A></TD>
  <TD WIDTH="10%"><A HREF="43.html">43</A></TD>
  <TD WIDTH="10%"><A HREF="44.html">44</A></TD>
  <TD WIDTH="10%"><A HREF="45.html">45</A></TD>
  <TD WIDTH="11%"><A HREF="46.html">46</A></TD>
  <TD WIDTH="11%"><A HREF="47.html">47</A></TD>
  <TD WIDTH="11%"><A HREF="48.html">48</A></TD>
</TR></TABLE>
</TR><TR VALIGN="center" ALIGN="center">
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
<P> <hr> <P>
<!-- begin lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<A HREF="../index.html"
	><IMG SRC="../../gx/indexnew.gif" ALT="[ Table Of Contents ]"></A>
<A HREF="../../index.html"
	><IMG SRC="../../gx/homenew.gif" ALT="[ Front Page ]"></A>
<A HREF="../lg_bytes50.html"
	><IMG SRC="../../gx/back2.gif" ALT="[ Previous Section ]"></A>
<A HREF="../../faq/index.html"
	><IMG SRC="../../gx/dennis/faq.gif"
              ALT="[ Linux Gazette FAQ ]"></A>
<A HREF="../lg_tips50.html"
	><IMG SRC="../../gx/fwd.gif" ALT="[ Next Section ]"></A>
<!-- end lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
</BODY></HTML>
<!--endcut ========================================================= -->