open ports...

open ports...

Post by Steve Bab » Sat, 24 Jun 2000 04:00:00



Hello,

I have setup a new Linux box and am about to place it on the net. I have ran
nmap to show me what ports are open and would like some help on these three
if possible.

113 auth - I removed auth from inetd.conf, where else can it be called from?
587 submission - I have no idea what this is, does anyone?
98 Linuxconf - I know this one, but would like to keep Linuxconf running. Is
it possible to close the port for external connections? How big is the
security risk, is it possible to connect from linuxconf on another box to my
new one easily?

Many thanks for you help.

Steve

 
 
 

open ports...

Post by Ade » Sat, 24 Jun 2000 04:00:00



>113 auth - I removed auth from inetd.conf, where else can it be called

from?

If you remove this from inetd.conf the super server will not invoke the
daemon so dont worry about it, the only other way to start the daemon, is to
start it as standalone by adding a startup script for it to the appropriate
runlevel
directory.

Quote:>587 submission - I have no idea what this is, does anyone?

err....no.

Quote:>98 Linuxconf - I know this one, but would like to keep Linuxconf running.
Is
>it possible to close the port for external connections?

you can use ipchains to deny any external access to this port. Check out the
man pages for ipchains for information on how to do this. (You do have
ipchains don't you?)

Quote:>How big is the security risk, is it possible to connect from linuxconf on
another box to my
>new one easily?

Yep, do not under any circumstances leave this port open for external
access, if you do it's an open invitation to crackers/script kiddies
everywhere to hack your system.  You can check out vunerabilities in
realation to linuxconf at www.securityfocus.com

Also check out the following web pages in relation to armouring LINUX
systems which I found it useful:

http://www.enteract.com/~lspitz/pubs.html

Also if your running Red Hat Linux 6 or above there are perl scripts which
will do a really good job at hardening your system further.  I think the
site is www.bastillelinux.org if I'm wrong however you can download it from
www.securityfocus.com

Hope this helps,

Ade.

 
 
 

open ports...

Post by Jessica Luedtk » Sat, 24 Jun 2000 04:00:00


Quote:>> 98 Linuxconf - I know this one, but would like to keep Linuxconf
>> running. Is it possible to close the port for external connections?
> you can use ipchains to deny any external access to this port. Check out
> the man pages for ipchains for information on how to do this. (You do
> have ipchains don't you?)

It's also worth mentioning that you can use linuxconf on the console
without having it running as a daemon. You only need it running as a
daemon if you plan on using it remotely (you could also log in using ssh
and use linuxconf that way, though the interface isn't nearly as pretty).

If you do decide you want to run the daemon (which I, and I believe
everyone else here, really reccomend against), make sure you restrict
access to the port.

jessica

 
 
 

open ports...

Post by elle.. » Sat, 24 Jun 2000 04:00:00



> It's also worth mentioning that you can use linuxconf on the console
> without having it running as a daemon. You only need it running as a
> daemon if you plan on using it remotely (you could also log in using ssh
> and use linuxconf that way, though the interface isn't nearly as pretty).

The cynical among us will also point out that linuxconf is more likely
to damage your system than an army of hackers, and recommend
uninstalling it. :)

--

 
 
 

open ports...

Post by John Nels » Sat, 24 Jun 2000 04:00:00




> > It's also worth mentioning that you can use linuxconf on the console
> > without having it running as a daemon. You only need it running as a
> > daemon if you plan on using it remotely (you could also log in using ssh
> > and use linuxconf that way, though the interface isn't nearly as pretty).

> The cynical among us will also point out that linuxconf is more likely
> to damage your system than an army of hackers, and recommend
> uninstalling it. :)

I'll second that, and I'm not even that cynical. I have seen Linuxconf go
from a useful tool for quick configuration and administration tasks, to a
broken tool that wouldn't run, to a badly broken tool that did things
like set up default routes to nowhere, effectively cutting the machine
off from the world (don't think THAT didn't raise the hair on the back of
my neck for a while...).

Most of what Linuxconf does can be replaced with Webmin. Just be sure to
lock it down to only the IP addresses you want to access it from.

 
 
 

open ports...

Post by David » Sat, 24 Jun 2000 04:00:00



>> 98 Linuxconf - I know this one, but would like to keep Linuxconf running.
>> Is it possible to close the port for external connections?

> you can use ipchains to deny any external access to this port. Check
> out the man pages for ipchains for information on how to do this. (You
> do have ipchains don't you?)

Just remove this daemon from your startup list.  You don't need it to
run the linuxconf program fron the console.  It's only needed for remote
administration.

If you're not behind a firewall, this is a dangerous daemon program to
leave running.  As Ade wrote, you can run ipchains to block network
access to it, but if you're going to do that, it's no different from not
running it in the first place.

-- David

 
 
 

open ports...

Post by Steve Bab » Sun, 25 Jun 2000 04:00:00


many thanks to all that replied.
I think I'll bin Linuxconf pronto.... :-)

Still can't find that "submission 587 mind you.......

Steve

 
 
 

open ports...

Post by JDW » Mon, 26 Jun 2000 04:00:00




Quote:> many thanks to all that replied.
> I think I'll bin Linuxconf pronto.... :-)

> Still can't find that "submission 587 mind you.......

> Steve

 
 
 

open ports...

Post by Walter Dn » Fri, 30 Jun 2000 04:00:00



> Still can't find that "submission 587 mind you.......

  I believe that it's an alternate SMTP port, for use by outside users
whose ISP blocks outbound port 25 traffic (direct-to-MX) from users'
machines.  Are you running some sort of alternate/aauthenticating SMTP
server?

--

SpamDunk Project procmail spamfilter at http://www.waltdnes.org
I'm not repeating myself; I'm an X-Window user... I'm an ex Windows-user

 
 
 

1. open ports - why are they open?

Hi,
 I just did a fresh install of Redhat 7.0. I have quite a few ports that
seem to be open with a port scan that are not the usual service
ports.these include 6000, 1024, & 901. I can connect to these but get no
message or anything. Also why does Sendmail accept connections on port
587 also. Thanks.

2. pppoe query

3. Ignore all incoming udp/ip and udp/ip on all ports, except open ports?

4. Network Monitoring and Notification

5. Open ports

6. HELP: Redhat Linux 3.0.3 Installation

7. opening ports with redhat 8

8. 2.5.43 s390 (2/6): config & help.

9. Open ports?

10. Open ports..

11. open ports

12. Opening ports in an IPtables firewall

13. How to open ports on my box (Please HELP