FedoraForum.org - Fedora Support Forums and Community
Results 1 to 4 of 4
  1. #1
    Join Date
    Apr 2004
    Location
    Pamber Heath, Tadley, Hampshire UK
    Age
    60
    Posts
    99

    Unhappy Closing Ports (FC1)?

    Please excuse this trivial question. I've been playing around trying to get two Windows XP machines to see my (working locally on CUPS) HP printer using SAMBA, which only seems to work by blowing holes in the respective firewalls (ports 111, 139, 445, 631 among them). I still haven't got it to list the printer as available from the XP machines, but that's probably a longer task to debug here.

    However, i'm now wanting to close off these ports while I do another dose of bedtime reading. None are showing in my IPTABLES rules, and yet the ports are up even after a reboot.

    How do I disable them?
    --
    Ian Waring
    ian.waring@gmail.com

  2. #2
    Join Date
    Mar 2004
    Location
    Scotland
    Age
    39
    Posts
    1,019
    Hi, I moved this to security, as the title suggests.

    You just need to switch of portmap, cups and samba for the time being:

    Code:
    /sbin/service portmap stop
    /sbin/service cups stop
    /sbin/service smb stop
    To switch these off on reboot run, and find the above and untick them:
    Code:
    /sbin/ntsysv
    or
    Code:
    /sbin/setup
    and go to the serivces section (which calls ntsysv anyway).

    HTH.
    http://blog.suretecsystems.com

  3. #3
    Join Date
    Apr 2004
    Location
    Pamber Heath, Tadley, Hampshire UK
    Age
    60
    Posts
    99

    Thankyou

    All back in one piece now, thanks. I'm hooked up to a Linksys WAG54G wireless router, and have my Linux server as the designated DMZ connection - so it gets all the unsolicited traffic fired at my one fixed IP address. Although I have SMB set to listen to local traffic only, I know that any ports I open on my Linux box are also open to the world outside :-)

    But happy that things are locked down now without Portmap being active - and that nothing I don't know about is starting up!

    Thankyou.
    --
    Ian Waring
    ian.waring@gmail.com

  4. #4
    Join Date
    Apr 2004
    Location
    Warsaw, Poland
    Age
    36
    Posts
    1,085

    Re: Closing Ports (FC1)?

    However, i'm now wanting to close off these ports (...) How do I disable them?
    This is *WRONG* - iptables/firewalls are for controlling access - it is not a security feature, and should not be considered as one. Proper way is to launch local services listening only on local network interfaces (not into Internet) - doing bind() on specified adresses (local) only. With Samba you can do that in config. f.e.:
    Code:
    interfaces = 127.0.0.1 10.0.0.1
    bind interfaces only = yes
    Thus no need to filter anything on firewall.

Similar Threads

  1. closing ports?
    By bigmacbb63 in forum Security and Privacy
    Replies: 5
    Last Post: 23rd February 2008, 08:28 AM
  2. closing ports?
    By bigmacbb63 in forum Security and Privacy
    Replies: 7
    Last Post: 23rd February 2008, 08:24 AM
  3. closing ports, services
    By thedeadbunnymm7 in forum Security and Privacy
    Replies: 3
    Last Post: 21st June 2006, 04:16 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •