From owner-freebsd-questions Thu May 11 3:37:37 2000 Delivered-To: freebsd-questions@freebsd.org Received: from diogenis.ceid.upatras.gr (diogenis.ceid.upatras.gr [150.140.141.181]) by hub.freebsd.org (Postfix) with SMTP id 7E3BC37B790 for ; Thu, 11 May 2000 03:37:30 -0700 (PDT) (envelope-from keramida@ceid.upatras.gr) Received: (qmail 1869 invoked from network); 11 May 2000 10:35:22 -0000 Received: from zenon.ceid.upatras.gr (150.140.141.182) by diogenis.ceid.upatras.gr with SMTP; 11 May 2000 10:35:22 -0000 Received: (qmail 3335 invoked by uid 1465); 11 May 2000 10:35:21 -0000 Message-ID: <20000511103521.3334.qmail@zenon.ceid.upatras.gr> From: keramida@ceid.upatras.gr Date: Thu, 11 May 2000 13:35:21 +0300 To: Alan Chan Cc: questions@freebsd.org Subject: Re: closing port 25 & 111 References: <22776964.958008622932.JavaMail.imail@ants.excite.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <22776964.958008622932.JavaMail.imail@ants.excite.com>; from alanux@excite.com on Wed, May 10, 2000 at 06:30:22PM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, May 10, 2000 at 06:30:22PM -0700, Alan Chan wrote: > Hi, I am running a FreeBSD gateway and firewall. Currently, the > above-referenced ports are open and I wanted to close it. Can anyone show > me how to close port 25 (SMTP) and 111 (sunrpc)? By the way, what is port > 111 anyway? I have messaged out SMTP in the file /etc/inetd.conf, but it's > still open when i'm running nmap. Any reasons why? Sendmail kees that 25 port open, and portmap I think the other one. Copy from /etc/defaults/rc.conf the lines that enable services, i.e those that end up in "YES", and set those that you want to disable in "NO" in your /etc/rc.conf file. Then, you can do more funny things with hosts.allow and ipfw(8), to make sure that the services that you don't want to be visible from `outside' are blocked. For hosts.allow and ipfw read the appropriate manpages. - giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message