Topic: port stealthing firewall

monkeypox
Group: Members
Posts: 4
Joined: Oct. 2003
Posted: Oct. 25 2003,05:15

I just came from a port probe test at grc.com and found quite a few ports open.  Would be nice to have dsl firewalled by default.

roberts
Group: Members
Posts: 4983
Joined: Oct. 2003
Posted: Oct. 25 2003,06:04

I was looking at this too. If you go to a shell prompt and type:

sudo netstat -lp

You will see the open ports and processes running on them. Now, some of us run DSL behind a firewall and then some don't. Maybe we can ask John to not start some of these services. Move them to the menu like the Monkey webserver. In particular the ssh server. If you are directly on the internet, not behind a firewall, I would turn off the ssh server as follows:

sudo /KNOPPIX/etc/init.d/ssh  stop

To turn off the NFS do the following:

sudo /KNOPPIX/etc/nfs-common  stop
sudo /KNOPPIX/portmap  stop

Then check ports again with the netstat command.

roberts
Group: Members
Posts: 4983
Joined: Oct. 2003
Posted: Oct. 25 2003,14:18

I have been digging into this further:
Seems to me that inetd, the super server, is running to provide vboxd.
An ISDN voice box daemon??? Does anyone use ISDN anymore? Or is this some sound thing that I just don't know about?
I remastered a CD to test this without starting ssh, portmap, nfs-common, and inetd. Now netstat -lp displays only printer and bootpc used by the processes of lpd and pump. If nfs is placed on the menu, then we can still have the ability to mount via nfs. As for the others, ssh and vboxd, are they needed as server daemons? Without the ssh daemon running we can still use the client side of ssh, i.e., we can ssh to another machine as well as scp.

RuKK
Group: Members
Posts: 13
Joined: Sep. 2003
Posted: Oct. 29 2003,17:14

Forgive my n00bishness, but how would I go about disabling those two services on a hdd install so I didn't have to manually stop them every time I wanted to reboot? Thanks

-RuKK

roberts
Group: Members
Posts: 4983
Joined: Oct. 2003
Posted: Oct. 29 2003,23:22

Well, if you have already installed to hard drive, and you don't want them started by default, I would do the following as root (or add sudo).

Because you stated you are a newbie, I am going to explain in small steps.

cd /etc
find . -name "???ssh" -print

There should be six lines listed with names like K20ssh and S20ssh. They are located in rc directories or run levels.
Those files are really links (think of pointers) to the real scripts.
Therefore you can delete those links and that service will not be started upon boot up. Of course you are not deleting the script. You will still be able to manually start them or add them to your own menu.
So next I would cd to where the file (link) is located, e.g., let's do one of the six.

cd /etc/rc3.d

Then I would do

ls -la S20ssh

The first char should be an l, which stands for link, e.g., lrwxrwxrwx
Now remove it:

rm S20ssh

Then repeat for each of the six files of ssh.

I know that there are more powerful commands. But for the first timer, it is good to go slowly and understand what you are trying to do. Better safe than sorry. Always do an ls and look before you delete (rm), especially with system files.

Do the same for portmap and nfs-common.

6 replies since Oct. 25 2003,05:15
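
The link-removal procedure from the last post, wrapped as a script that defaults to a dry run and only deletes entries that really are symlinks. This is an added example, not code from the thread: `RC_ROOT`, `count_rc_links` and `disable_service` are hypothetical names, the rc tree is a constructed sample built in a temporary directory, and the glob generalizes the post's `???ssh` pattern to any service name with a two-digit sequence number.

```shell
#!/bin/sh
# Added example (not from the thread). All names here are made up for the sketch.
# Constructed sample tree, so nothing under the real /etc is touched.
# On an actual install RC_ROOT would be /etc.
RC_ROOT=$(mktemp -d)
mkdir -p "$RC_ROOT/init.d" "$RC_ROOT/rc0.d" "$RC_ROOT/rc3.d"
for s in ssh portmap nfs-common; do
    echo '#!/bin/sh' > "$RC_ROOT/init.d/$s"
    ln -s "../init.d/$s" "$RC_ROOT/rc0.d/K20$s"
    ln -s "../init.d/$s" "$RC_ROOT/rc3.d/S20$s"
done
echo '#!/bin/sh' > "$RC_ROOT/rc3.d/S99ssh"   # a regular file, must survive

# Print how many S??/K?? symlinks for SERVICE exist under $RC_ROOT/rc?.d.
count_rc_links() {
    n=0
    for f in "$RC_ROOT"/rc?.d/[SK][0-9][0-9]"$1"; do
        if [ -L "$f" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# disable_service SERVICE [apply]
# Default is a dry run: the "ls and look before you rm" step from the post.
disable_service() {
    for f in "$RC_ROOT"/rc?.d/[SK][0-9][0-9]"$1"; do
        if [ -L "$f" ]; then
            if [ "${2:-dry-run}" = apply ]; then
                rm -- "$f"
                echo "removed $f"
            else
                echo "would remove $f -> $(readlink "$f")"
            fi
        elif [ -e "$f" ]; then
            # Not a link: this is a real script, so leave it in place.
            echo "skipped $f (not a symlink)" >&2
        fi
    done
}

disable_service ssh          # look first
disable_service ssh apply    # then remove the links
for s in portmap nfs-common; do disable_service "$s" apply; done
echo "ssh links left: $(count_rc_links ssh)"
```

The scripts under `init.d` are left in place, so each service can still be started by hand afterwards.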