Date: Sun, 17 Sep 2000 07:48:08 -0400 From: "Otter" <otterr@telocity.com> To: "Wolfgang Drews" <drews@dynamic-webpages.de>, <questions@FreeBSD.ORG> Subject: RE: closing ports Message-ID: <HLEDJBJKDDPDJBMGCLPPCECBCDAA.otterr@telocity.com> In-Reply-To: <NEBBIADNALBOADKLEAOCGEABCFAA.drews@dynamic-webpages.de>
next in thread | previous in thread | raw e-mail | index | archive | help
}Hi FreeBSD-Team, } }I have a little problem with closing ports on my FreeBSD-Server. }I read the security-chapter in your handbook, and fount out, that }ports, that are not used, should be closed. Well, i did a portscan }on the machine and nearly got nervous, seeing how many ports are }open, but really not used (as there are telnet, mysql, nnpt and so }on ...). Now i tought, "well, search the services-file in /etc/ and }try to close them in it", but that seems to be the wrong way. Can }you maybe help me, and tell me, how to close all those ports i do }not need? (A link to a documentation about it would maybe be enough). } }ok, the system is FreeBSD 4.1 (VKERN)-Release. } }would be great to hear from you ;-) } }with best regards, } }-Wolfgang } Wolfgang, /etc/services is basically just a list of common services and the ports they reside on by default. these are not the only ports they run on; as most, if not all, can be configured to run on other ports. this is also not a complete list of all available services, just common ones. as for closing up ports, some can be done in /etc/rc.conf, some may be done in /etc/inetd.conf, and so on. look to your init area for what needs to be shut down. you can disable installed apps you don't need running. Also check you /usr/local/etc/rc.d dir for unnecessary init scripts. if you want to shutdown sunrpc, add a line in /etc/rc.conf that says 'portmap_enable="NO"'. if you want to kill your ftpd, comment out the line in /etc/inetd.conf. Check into your defaults files and see what other options you have... maybe close out telnet and all remote X sessions? comment out the R apps (telnetd, rlogind, rshd, etc). Hope this helps. -Otter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?HLEDJBJKDDPDJBMGCLPPCECBCDAA.otterr>