• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

How can I improve my security?

P

pitupepito2000

Golden Member
Hi,

I ran nmap in my pc and it showed many ports open. My question is how can I close all this ports and only have the necessary ports open? Here is a print out of the ports open:


(The 1613 ports scanned but not shown below are in state: closed)
Port State Service
9/tcp open discard
13/tcp open daytime
22/tcp open ssh
37/tcp open time
80/tcp open http
111/tcp open sunrpc
113/tcp open auth
443/tcp open https
631/tcp open ipp
985/tcp open unknown

Thanks for the help,
pitupepito
 
9, 13, 37 are standard services. You can disable them if you want, but you don't really need to worry about them. Maybe things will break if you stop them - I've never checked it out thoroughly. If you really want to disable them, find and comment their lines in /etc/inetd.conf. Then either reboot or do killall -1 inetd to reload inetd.

113 is ident. If you don't know why you need this, then you probably don't. It should be disabled in inetd.conf as above.

22 is ssh. If you never ever use that you can disable it, but it's unlikely to be dangerous and could be very handy. Different distros control sshd's startup differently. If your distro has some kind of tool to control services, it should be listed there. Or take the crude and direct way - find all the sshd symlinks in the /etc/rc.? directories and delete them.

80 and 443 are a webserver, probably apache. Like ssh, this should be controlled via some service tool provided by your distro.

111 is the portmapper, and 985 is probably statd, two daemons used with the NFS filesystem. If you're not using NFS, you should definitely disable these. Like ssh and apache, the method depends on the distro.

631 is the Internet Printing Protocol - CUPS, presumably. You'll want to leave that alone if you want web management for CUPS. If you're paranoid, check out the /etc/cups/cupsd.conf file for access controls, but the defaults are usually OK.
 
Originally posted by: pitupepito2000
Hi, I ran nmap in my pc and it showed many ports open. My question is how can I close all this ports and only have the necessary ports open? Here is a print out of the ports open: (The 1613 ports scanned but not shown below are in state: closed) Port State Service 9/tcp open discard 13/tcp open daytime 22/tcp open ssh 37/tcp open time 80/tcp open http 111/tcp open sunrpc 113/tcp open auth 443/tcp open https 631/tcp open ipp 985/tcp open unknown Thanks for the help, pitupepito
Click to expand...

Are you running this from your internal network, or from another PC outside of your network? If this is fron within your own private network, those are not valid responses. You have to run nmap from an external source to get a true readout.
 
I ran it from the internal network. I was using my machine and I used the loopback address to run nmap

thanks for the help,
pitupepito
 
You must log in or register to reply here.
Back
Top