Re: Closing ports

[Bruce Smith <bruce@xxxxxxxxxxx>]

> > > 111    sunrpc
> >
> > That's the portmapper.  Used for NFS.
> 
> I don't use NFS so I commented out of /etc/services

No, first the RPC portmapper is a separate service.
You need to stop it also.

Second, commenting things out of /etc/services does
not accomplish anything.  It's only a name to port
number cross reference.  It has nothing to do with
running programs.

> > > 813    unknown
> >
> > Don't know.
> >
> > Find out what process is listening on that port with
> > the
> > command:  "netstat -lp".
> 
> the netstat -lp came back with the following:
> 
> tcp  0   0 *:813    *:*    Listen

There wasn't a program listed after "Listen"?

> > > 6000   X11
> >
> > That's X windows.  You won't be able to get rid of
> > this.
> > But you could block it with ipchains, or just make
> > sure
> > you have X authorization turned on, and be careful
> > with
> > "xhost" commands.
> 
> I'm not familiar with IPCHAINS so off a reading I will
> go. As far as X authorization go is that in the
> documentation for X or would that be in the docs for
> the winmanager I'm currently running?

I've never see a Linux distribution that didn't have
X authorization turned on by default.  OTOH, I've 
never used Storm Linux . . . 

Now that I'm thinking about it, port 6000 may be for
the XDMCP login screen (GUI login).  You might be 
able to get rid of it by turning off the GUI login
and logging in via console and "startx".  Not sure.

Or you can limit who can get a GUI login screen
remotely.  I forget which config file that's in.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------