Date: Thu, 6 Sep 2001 10:06:37 -0500 (CDT) From: Tim Zingelman <zingelman@fnal.gov> To: Fernan Aguero <pichita3@netscape.net> Cc: <security@FreeBSD.ORG> Subject: Re: some weird stuff found Message-ID: <Pine.GSO.4.30.0109060947270.7654-100000@nova.fnal.gov> In-Reply-To: <08705D38.78FF6AC2.00A48379@netscape.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 6 Sep 2001, Fernan Aguero wrote: > In the last few days I started noticing strange things. Some of them > I do not understand and perhaps are normal things (such as being scanned) > and others may be more critical. > I appreciate any help and insight you can give me. > > Also: I need to print to a network printer but I'm not a print server. > Do I need 515 open? > How do I close those ports (25,587,515)? No and no. Add: sendmail_flags="-q30m" ldp_flags="-p" to your /etc/rc.conf. This will stop them from listening. > And last, I am running xdm but I only allowed connections from > localhost. Is this in any way related to X11 being on port 6000? > (/etc/services shows xdm on port 177) xdm is already not listening on 177, likely due to the line: DisplayManager.requestPort: 0 in /usr/X11R6/lib/X11/xdm/xdm-config. The same can be accomplished by adding -udpPort 0 to the xdm line in /etc/ttys like this: ttyv8 "/usr/X11R6/bin/xdm -nodaemon -udpPort 0" xterm on secure To make the X server stop listening on port 6000, you should edit /usr/X11R6/lib/X11/xdm/Xsetup_0 amd add -nolisten tcp, like this: :0 local /usr/X11R6/bin/X -nolisten tcp - Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.30.0109060947270.7654-100000>