View previous topic :: View next topic |
Author |
Message |
smithj Retired Dev
Joined: 24 Sep 2004 Posts: 111
|
Posted: Thu Dec 16, 2004 3:08 pm Post subject: strange open ports |
|
|
pimping the nmap from an outside box, i get this for my gentoo:
Quote: | Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-12-16 09:38 EST
Interesting ports on xxxxx.xxxxx.xxx (xx.xxx.xx.xxx):
(The 1657 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
6000/tcp open X11
Nmap run completed -- 1 IP address (1 host up) scanned in 4.734 seconds |
i'm assuming "ipp" on 631 is cupsd, but why is it open to the public? how can i close it?
and why the heck is X11 having a port? anytime i use it externally, i use ssh tunnels....
sshd is, of course, supposed to be running
how can i nail this down?
edit: took out my ip
Last edited by smithj on Thu Dec 16, 2004 5:14 pm; edited 2 times in total |
|
Back to top |
|
|
db_404 Guru
Joined: 05 Dec 2002 Posts: 336
|
Posted: Thu Dec 16, 2004 4:11 pm Post subject: |
|
|
There's are various options in /etc/cups/cupsd.conf that let you set what IPs are allowed to connect to cups and what interface to listen on, which might help.
X i'm not sure about, by default it certainly does open a network port, and I'm not sure it can be disabled.
You really need to look into firewalling off the ports you don't want exposed externally with iptables (look here for more info http://gentoo-wiki.com/HOWTO_Iptables_for_newbies) |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20502
|
Posted: Thu Dec 16, 2004 4:17 pm Post subject: |
|
|
Does starting X with the -nolisten tcp option help? _________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
|