[NCLUG] Closing ports

Michael Dwyer mdwyer at sixthdimension.com
Tue Apr 24 09:52:04 MDT 2001


> My comment about /etc/services was a bit naive.  I know it's just a lookup table
> for mapping service names to port numbers and protocols.  At the time I was
> working on my problem, I had encountered web pages indicating that in some
> OS'es, commenting out lines in /etc/services would close the port and disable
> the corresponding service once the network had been restarted.

If the program was done 'correctly', that would work.  In theory, if you
commented out the telnet line in /etc/services then when the telnet
service tried to start, it would make a getservbyname() call to find out
what port to listen to.  It wouldn't find a telnet service entry, so it
would fail out.

Unfortunately, I expect that most programmers no longer consider
/etc/services to be the canonical source it used to be.  I expect telnet
would actually fall back to a compiled-in default port, and still
continue to run.

The other side effect of removing services from the /etc/services file
is that you can no longer look them up for yourself.  E.g., if you are
looking at a netstat listing, it will look up the service names for
you -- it will show :SSH instead of :22.
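
Added example, not part of the original post and not taken from any real daemon: the two startup behaviours described above, side by side. The service name "nclug-example-svc", the fallback port 2323 and both function names are constructed for illustration; the made-up name stands in for a line that has been commented out of /etc/services.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <stdint.h>
#include <stdio.h>

/* Strict lookup: the services database is treated as authoritative.
 * Returns the port in host byte order, or -1 when there is no entry. */
int resolve_port_strict(const char *name, const char *proto)
{
    struct servent *se = getservbyname(name, proto);
    if (se == NULL)
        return -1;                       /* no entry: caller should refuse to start */
    return ntohs((uint16_t)se->s_port);  /* s_port is stored in network byte order */
}

/* Lenient lookup: a missing entry silently becomes a compiled-in default,
 * so removing the line from /etc/services does not stop the listener. */
int resolve_port_with_fallback(const char *name, const char *proto,
                               int compiled_default)
{
    int port = resolve_port_strict(name, proto);
    return port >= 0 ? port : compiled_default;
}

int main(void)
{
    /* Constructed service name that has no entry in the services database. */
    const char *svc = "nclug-example-svc";

    int strict = resolve_port_strict(svc, "tcp");
    int lenient = resolve_port_with_fallback(svc, "tcp", 2323);

    if (strict < 0)
        printf("strict:  no '%s/tcp' entry, daemon would exit\n", svc);
    else
        printf("strict:  would listen on port %d\n", strict);

    printf("lenient: would listen on port %d\n", lenient);
    return 0;
}
```

Because the lenient path still yields a port, editing /etc/services is not a reliable way to close one; checking what is actually listening (for example with netstat) is.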






