[H-GEN] Firewall configuration on a remote machine
gavin at microcomaustralia.com.au
Wed Feb 9 01:43:05 EST 2011
On 9 Feb 2011, at 16:00, Stephen Thorne wrote:
> On 2011-02-09, gavin duley wrote:
>> Any suggestions as to where I could look them up to see what they are,
>> and therefore how to disable them? I could post them to the list, but
>> that might turn out to be publicly listing vulnerabilities on my
>> server. This would seem to be a bad idea.
> netstat -tunpl
> Program name is the rightmost column, if you're looking at ipv6, ::: is
> public, ::1 is localhost,
Thanks. I figured out that the "unwanted" open ports were nfs related. I'm not using nfs, so I uninstalled nfs-common and they no longer seem to be open any more.
I assume that I want the 'local address' column to be in the form 127.0.0.1:portnumber for most things. I think I can just ignore the 'foreign address' column here?
Unless I'm misreading it horribly, I assume lines like this indicate that the port is listening only on 127.0.0.1:
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 127.0.0.1:25     0.0.0.0:*        LISTEN  1322/exim4
For what it's worth, I can telnet to port 25 locally, but not from a remote machine. The open ports were like this:
tcp        0      0 0.0.0.0:35843    0.0.0.0:*        LISTEN  836/rpc.statd
(note: that port is no longer open).
Honestly, if you're given the choice between Armageddon or tea, you don't say 'What kind of tea?'
-- Neil Gaiman
<gavin at microcomaustralia.com.au> <gpd at sdf-eu.org>
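
Added example (not part of the original message or thread): a small Python parser for `netstat -tunpl` output that sorts listeners by bind scope, so loopback-only sockets such as the exim4 line are separated from ones bound to every interface such as the rpc.statd line. The sample input is constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in `netstat -tunpl` layout. The exim4 and rpc.statd rows
# are the ones quoted in the message; the other rows are made up.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address   Foreign Address State  PID/Program name
tcp   0      0      127.0.0.1:25    0.0.0.0:*       LISTEN 1322/exim4
tcp   0      0      0.0.0.0:35843   0.0.0.0:*       LISTEN 836/rpc.statd
tcp6  0      0      ::1:631         :::*            LISTEN 901/cupsd
tcp6  0      0      :::22           :::*            LISTEN 700/sshd
udp   0      0      0.0.0.0:111     0.0.0.0:*              650/portmap
"""

def classify(local):
    """Return (scope, port) for a Local Address field such as ':::22'."""
    host, _, port = local.rpartition(":")      # last colon separates the port
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:                          # e.g. '*' when -n was not used
        scope = "all-interfaces" if host == "*" else "specific"
    else:
        scope = ("loopback" if ip.is_loopback
                 else "all-interfaces" if ip.is_unspecified
                 else "specific")
    return scope, int(port)

def listeners(text):
    """Parse netstat output into (proto, port, scope, program) tuples."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith(("tcp", "udp")):
            continue                            # banner and column header
        scope, port = classify(f[3])
        # UDP sockets have no State, so the program column sits one field earlier.
        prog = " ".join(f[6:] if f[5] == "LISTEN" else f[5:])
        rows.append((f[0], port, scope, prog))
    return rows

def exposed(text):
    """Listeners reachable from other hosts unless a firewall blocks them."""
    return [r for r in listeners(text) if r[2] != "loopback"]

if __name__ == "__main__":
    for proto, port, scope, prog in exposed(SAMPLE):
        print(f"{proto:5} {port:<6} {scope:15} {prog}")
```

On a live host the same functions can be fed the text captured from `netstat -tunpl`; anything `exposed()` returns is a candidate for removal, rebinding to 127.0.0.1, or an explicit firewall rule.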