How do i insure that all ports are closed except 80 and 22
Is there a way to make sure all ports are closed except certain ones.
Thanks in advance. Adam:cool: |
Yes.
First find out which ports are open. as Root type: netstat -natp example output below shows only sshd running and open for all access 0.0.0.0.* --------------- Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 511/sshd2 --------------- then switch off all the ones you don't want by going into the following directory. /etc/xinetd.d/ create a directory in here called old /etc/xinetd.d/old then move every service you don't want to this "old" directory. mv wu-ftpd old etc etc etc then restart the inetd service. /etc/rc.d/init.d/xinetd restart then type netstat -natp again to see what's left. Any service that you don't want, might be started in other places by rc.local or other run level file other then xinetd.conf so for example you see that sshd is running on port 22 and hasn't stop, if you wanted to stop it and don't know the location of the file that started it type this: "or the port number of the service your looking for, in this case I'm looking for port 22" fuser -n tcp 22 "displays" 22/tcp: 511 13607 Now type the last number which is the pid number of the service. ps -ef | grep 13607 "displays" root 13607 511 0 11:11 ? 00:00:00 /usr/local/sbin/sshd2 now you know it's the sshd2 service running from /usr/local/sbin/sshd2 so type: /usr/local/sbin/sshd2 stop If this doesn't help stop the service required then it's run from run level 3 or started in the /etc/rc.d/rc.local file. Type this to show you the services started from the different run levels. chkconfig --list find the name of the service that is running, from the corresponding port number listed in the netstat -natp output and type it's name in the following format: The example below is to stop auth port 113 service. chkconfig --level 23 identd off It's that easy. :) /Raz |
All times are GMT -5. The time now is 10:16 AM. |