From owner-freebsd-questions  Thu Jun 29 13:57:13 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from bico-de-lacre.iqm.unicamp.br (bico-de-lacre.iqm.unicamp.br [143.106.51.234])
	by hub.freebsd.org (Postfix) with ESMTP id 77F5C37B730
	for <questions@freebsd.org>; Thu, 29 Jun 2000 13:57:08 -0700 (PDT)
	(envelope-from atabraga@bico-de-lacre.iqm.unicamp.br)
Received: by bico-de-lacre.iqm.unicamp.br (Postfix, from userid 1001)
	id 1F38819C0; Thu, 29 Jun 2000 17:57:01 -0300 (EST)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14683.47133.58719.962514@bico-de-lacre.iqm.unicamp.br>
Date: Thu, 29 Jun 2000 17:57:01 -0300 (EST)
From: Ataualpa Albert Carmo Braga <atabraga@iqm.unicamp.br>
To: "Hank Wethington" <bsd@info-logix.com>
Cc: questions@freebsd.org
Subject: RE: open ports question
In-Reply-To: <KFEIIDCJNHBCGLAFNMJICEIOCGAA.bsd@info-logix.com>
References: <20000629131811.U275@fw.wintelcom.net>
	<KFEIIDCJNHBCGLAFNMJICEIOCGAA.bsd@info-logix.com>
X-Mailer: VM 6.75 under Emacs 20.3.1
Reply-To: atabraga@iqm.unicamp.br
X-URL: http://www.iqm.unicamp.br
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

on Thursday, 29 Jun 2000 13:40:46, Hank Wethington wrote:
> The inetd.conf file was edited over 3 months ago, the machine has had many
> reboots since then.
> 
> Forgive me for being hesitant about listing open ports. I have security for
> port scans but direct access to a port. If there is a know exploit it can't
> be stopped if I'm not looking on.
> 
> the ones I currently have open are:
> 
> 79 Finger
> 111 Portmapper (in rc.conf I have portmap_enable="NO" so why is this coming
> up?)
> 119 NNTP which is not running as the machine is not acting as a news server
> 143 IMAP, again not running that I know of
> 540 UUCP
> 1024 ???

1024 is the xdm.

I guess the inetd.conf is the why.


> and a few others. I can block all of them with my fire wall rules, but I'm
> wondering why they're open in the first place.
> 
> Hank
> 
> 
> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Alfred
> Perlstein
> Sent: Thursday, June 29, 2000 1:18 PM
> To: Hank Wethington
> Cc: BSD
> Subject: Re: open ports question
> 
> 
> * Hank Wethington <bsd@info-logix.com> [000629 12:47] wrote:
> > Greetings,
> >
> > I was checking security on my machine by doing a portscan when I noticed
> > some ports open that I felt shouldn't be. I would like to know how to
> close
> > them.
> >
> > I have already taken out all the needed info from inetd.conf, like finger,
> > but the finger port is listening. It won't give info, but it is listening.
> > Others are listening too. Your help is appreciated.
> 
> Have you hup'd inetd?  As far as the rest of the ports you're asking
> about, how exactly are we to know what they are if you don't tell
> us which ports?
> 
> -Alfred
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
 Ataualpa Albert Carmo Braga            atabraga@iqm.unicamp.br
                                        http://www.iqm.unicamp.br


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message