I went to www.grc.com to test my firewall and despite 1) enabling no services in the default firewall installation (in FC2) and 2) using the Server Settings GUI to turn off all services that seem to apply - I can't turn off port 111 (Sun Remote Procedure Call). How can I accomplish that?

Thanks a lot.

Trish

have you tried iptables?

Turn off port mapper

as root type ntsysv
scroll down to portmapper and uncheck it, and ok out of the file
then, still as root type service portmap stop

if you then do a chkconfig --list you willl see everything that is running at the different levels.

Dave

What would editing /etc/services do? If you remove the line for sunrpc, does that break the association between that service and port 111? And does it "disable" port 111 ?

No - that doesn't do what you think it does. Do what k4dgw suggests - just turn off the service itself.

That's correct. The /etc/services file is a kind of reference. It does not directly deal with starting and stopping services. The way I started learning about it was by messing with ntsysv. But that only decides what is on at boot. So if you make changes, they are not applied till the next boot. But if you use chklist, (do a man chklist for help) it will show you what services are started at each of the different run levels. A real useful command, assuming you are running in gui mode (init 5) is chkconfig --list | grep 5:on this will show you what services are running at init 5. Then you can do man <service.name> to find out more about the service, or google it if there are no man pages. Then use the service command to start and stop the services. I hope this has helped some, I've tried to give a broad overview withoug getting too bogged down in details. Hopefully this will give you information you can build on by reading the man pages or online.

Dave
-=K4DGW=-

What would editing /etc/services do? If you remove the line for sunrpc, does that break the association between that service and port 111? And does it "disable" port 111 ?The /etc/services file just provides a mapping from port numbers to service names. it's only used to lookup information, similar to the /etc/hosts and /etc/protocols files. Removing entries in this file is not advised as it does not stop the associated service, but may hose it up.

In addition to the other fine ideas in this post I always do a 'netstat -tuapen | grep LISTEN' as root to make sure I don't have any unneeded services listening for connections. If it's a desktop usually the only thing I'll leave listening is SSH.