StarDestroyer.Net BBS

So I've installed debian 3.1 r0a on my laptop and old desktop. I only want a single port open on each machine, namely 22 for ssh(don't worry, I've chosen strong passwords and disabled root login). On the laptop, I've managed just that. Portscanning it every which way yields the same result: 22 is the only open port. Terrific.

The desktop machine is giving me more grief, however. I've closed all ports except 22 and 839. I have no idea what service runs on port 839(TCP, BTW), and neither does nmap. Does anyone know what this is, or where I can find out what service runs on port 839? Thanks in advance.

I don't know what runs on that port, and can't find info. Try posting the output of "ps ax" on the command line.

Also, if you can't close it try putting up iptables in front of it.

Curiouser and curiouser!

Apparently the service is only listening on localhost. Thus, nmap and netstat show it when I scan from the desktop machine. A portscan from my laptop, however, doesn't show it as open. Comparing ps -auxs shows that the only differences in daemons running are those related to my PCMCIA NIC on my laptop.

Thoughts on this? Should I try harder to rid myself of this open port? Or does the fact that it's not visible from another machine make it as good as closed?

Eh, if it's not visible from another machine it's as good as closed.

"netstat -l -p|grep 839" should show which daemon is holding 839 open. (yeah, I cheated and looked up the man page for netstat. Sue me for not knowing things off the top of my head ).

It's the file alteration monitor.

Think I should keep that running? It's obviously not necessary if it's not running on my laptop, but still..

Eh, just leave it running- doesn't do much, and I think some GNOME/KDE functionality needs it or something (listed as a dependency).