[NCLUG] Closing ports
R P Herrold
herrold at owlriver.com
Sun Apr 22 08:30:34 MDT 2001
On Sun, 22 Apr 2001, dobbster wrote:
> By the way, I do have all of these ports commented out in /etc/services,
<snip lament about not running the service>
... Clip and save ...
Commenting out a given service name in /etc/services does
NOTHING to stop it from running -- /etc/services is just a
'phonebook' allowing for looking up the ports used by a given
service IF it is not already known. Just as you do not need
to look up your home phone number every time you make a call
home, the portmap binary 'knows' where it is going to ...
Commenting out in /etc/services has NO EFFECT.
-------------------------
Stopping the portmapper --
You do not mention if you are running a Slack or a RH
(BSD-type or SysV-type initscripts) distribution. In either
case, this should work:
    mv /usr/sbin/portmap /usr/sbin/portmap-hold
... that is we move the portmap binary away from its usual
location, and the service will not start. This is a hackish
solution, but should work.
In a host exposed on the public internet, it is much better
to formally remove the package and its ancillaries, along
with the YP utilities, and R services, and so forth. A
discussion of this moves to formal hardening and is beyond the
scope of your question.
-- Russ
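
Added example, not part of the original post: a small audit that pairs each listening TCP socket with what a services-style file says about that port, showing that a commented-out entry does not stop the port from listening. The function names and both sample inputs are constructed for illustration; on a real Linux host the same functions can be fed the contents of /etc/services and /proc/net/tcp.

```python
import re

# Constructed sample: services file with the sunrpc (portmapper) entry commented out.
SAMPLE_SERVICES = """\
ssh             22/tcp
smtp            25/tcp          mail
#sunrpc         111/tcp         portmapper
"""

# Constructed sample in /proc/net/tcp layout; st 0A = LISTEN, 01 = ESTABLISHED.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A00000A:0016 1400000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004
"""

ENTRY = re.compile(r"^(#?)\s*([\w.+-]+)\s+(\d+)/(\w+)")

def parse_services(text):
    """Map (port, proto) -> (name, commented_out) for every services-style entry."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            key = (int(m.group(3)), m.group(4))
            if key not in table or table[key][1]:  # active entry beats a commented one
                table[key] = (m.group(2), bool(m.group(1)))
    return table

def listening_ports(proc_text):
    """Return the sorted local ports whose socket state is LISTEN (0A)."""
    ports = set()
    for line in proc_text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) > 3 and fields[3] == "0A":
            ports.add(int(fields[1].rsplit(":", 1)[1], 16))  # port is hex after ':'
    return sorted(ports)

def audit(services_text, proc_text, proto="tcp"):
    """Pair each listening port with what the services file says about it."""
    table = parse_services(services_text)
    report = []
    for port in listening_ports(proc_text):
        name, commented = table.get((port, proto), ("?", None))
        status = {None: "unlisted", True: "commented-out", False: "listed"}[commented]
        report.append((port, name, status))
    return report
```

Any row reported as "commented-out" or "unlisted" is a port that is open regardless of the services file, so the daemon itself has to be stopped or removed.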