So I've installed debian 3.1 r0a on my laptop and old desktop. I only want a single port open on each machine, namely 22 for ssh(don't worry, I've chosen strong passwords and disabled root login). On the laptop, I've managed just that. Portscanning it every which way yields the same result: 22 is the only open port. Terrific.
The desktop machine is giving me more grief, however. I've closed all ports except 22 and 839. I have no idea what service runs on port 839(TCP, BTW), and neither does nmap. Does anyone know what this is, or where I can find out what service runs on port 839? Thanks in advance.
Linux help - trying to close a port
Moderator: Thanas
-
Alferd Packer
- Sith Marauder
- Posts: 3706
- Joined: 2002-07-19 09:22pm
- Location: Slumgullion Pass
- Contact:
Linux help - trying to close a port
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
I don't know what runs on that port, and can't find info. Try posting the output of "ps ax" on the command line.
Also, if you can't close it try putting up iptables in front of it.
Also, if you can't close it try putting up iptables in front of it.
ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
-
Alferd Packer
- Sith Marauder
- Posts: 3706
- Joined: 2002-07-19 09:22pm
- Location: Slumgullion Pass
- Contact:
Curiouser and curiouser!
Apparently the service is only listening on localhost. Thus, nmap and netstat show it when I scan from the desktop machine. A portscan from my laptop, however, doesn't show it as open. Comparing ps -auxs shows that the only differences in daemons running are those related to my PCMCIA NIC on my laptop.
Thoughts on this? Should I try harder to rid myself of this open port? Or does the fact that it's not visible from another machine make it as good as closed?
Apparently the service is only listening on localhost. Thus, nmap and netstat show it when I scan from the desktop machine. A portscan from my laptop, however, doesn't show it as open. Comparing ps -auxs shows that the only differences in daemons running are those related to my PCMCIA NIC on my laptop.
Thoughts on this? Should I try harder to rid myself of this open port? Or does the fact that it's not visible from another machine make it as good as closed?
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
Eh, if it's not visible from another machine it's as good as closed.
"netstat -l -p|grep 839" should show which daemon is holding 839 open. (yeah, I cheated and looked up the man page for netstat. Sue me for not knowing things off the top of my head
).
"netstat -l -p|grep 839" should show which daemon is holding 839 open. (yeah, I cheated and looked up the man page for netstat. Sue me for not knowing things off the top of my head
).ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
-
Alferd Packer
- Sith Marauder
- Posts: 3706
- Joined: 2002-07-19 09:22pm
- Location: Slumgullion Pass
- Contact:
It's the file alteration monitor.
Think I should keep that running? It's obviously not necessary if it's not running on my laptop, but still..
Think I should keep that running? It's obviously not necessary if it's not running on my laptop, but still..
"There is a principle which is a bar against all information, which is proof against all arguments and which cannot fail to keep a man in everlasting ignorance--that principle is contempt prior to investigation." -Herbert Spencer
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
"Against stupidity the gods themselves contend in vain." - Schiller, Die Jungfrau von Orleans, III vi.
Eh, just leave it running- doesn't do much, and I think some GNOME/KDE functionality needs it or something (listed as a dependency).
ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor