Linux help - trying to close a port

GEC: Discuss gaming, computers and electronics and venture into the bizarre world of STGODs.

Moderator: Thanas

Post Reply
User avatar
Alferd Packer
Sith Marauder
Posts: 3706
Joined: 2002-07-19 09:22pm
Location: Slumgullion Pass
Contact:

Linux help - trying to close a port

Post by Alferd Packer »

So I've installed debian 3.1 r0a on my laptop and old desktop. I only want a single port open on each machine, namely 22 for ssh(don't worry, I've chosen strong passwords and disabled root login). On the laptop, I've managed just that. Portscanning it every which way yields the same result: 22 is the only open port. Terrific.

The desktop machine is giving me more grief, however. I've closed all ports except 22 and 839. I have no idea what service runs on port 839(TCP, BTW), and neither does nmap. Does anyone know what this is, or where I can find out what service runs on port 839? Thanks in advance.
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer

"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
User avatar
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

I don't know what runs on that port, and can't find info. Try posting the output of "ps ax" on the command line.

Also, if you can't close it try putting up iptables in front of it.

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
User avatar
Alferd Packer
Sith Marauder
Posts: 3706
Joined: 2002-07-19 09:22pm
Location: Slumgullion Pass
Contact:

Post by Alferd Packer »

Curiouser and curiouser!

Apparently the service is only listening on localhost. Thus, nmap and netstat show it when I scan from the desktop machine. A portscan from my laptop, however, doesn't show it as open. Comparing ps -auxs shows that the only differences in daemons running are those related to my PCMCIA NIC on my laptop.

Thoughts on this? Should I try harder to rid myself of this open port? Or does the fact that it's not visible from another machine make it as good as closed?
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer

"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
User avatar
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

Eh, if it's not visible from another machine it's as good as closed.

"netstat -l -p|grep 839" should show which daemon is holding 839 open. (yeah, I cheated and looked up the man page for netstat. Sue me for not knowing things off the top of my head :P ).

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
User avatar
Alferd Packer
Sith Marauder
Posts: 3706
Joined: 2002-07-19 09:22pm
Location: Slumgullion Pass
Contact:

Post by Alferd Packer »

It's the file alteration monitor.

Think I should keep that running? It's obviously not necessary if it's not running on my laptop, but still..
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer

"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
User avatar
Pu-239
Sith Marauder
Posts: 4727
Joined: 2002-10-21 08:44am
Location: Fake Virginia

Post by Pu-239 »

Eh, just leave it running- doesn't do much, and I think some GNOME/KDE functionality needs it or something (listed as a dependency).

ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer


George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Post Reply