Re: some weird stuff found

From: Tim Zingelman (zingelman@fnal.gov)
Date: 09/06/01

• Next message: Marc Rogers: "Re: some weird stuff found"
• Previous message: Chris Faulhaber: "Re: some weird stuff found"
• In reply to: Fernan Aguero: "some weird stuff found"
• Next in thread: Fernan Aguero: "Re: some weird stuff found"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 6 Sep 2001 10:06:37 -0500 (CDT)
From: Tim Zingelman <zingelman@fnal.gov>
To: Fernan Aguero <pichita3@netscape.net>

On Thu, 6 Sep 2001, Fernan Aguero wrote:

> In the last few days I started noticing strange things. Some of them
> I do not understand and perhaps are normal things (such as being scanned)
> and others may be more critical.
> I appreciate any help and insight you can give me.
>
> Also: I need to print to a network printer but I'm not a print server.
> Do I need 515 open?
> How do I close those ports (25,587,515)?
No and no. Add:

  sendmail_flags="-q30m"
  ldp_flags="-p"

to your /etc/rc.conf. This will stop them from listening.

> And last, I am running xdm but I only allowed connections from
> localhost. Is this in any way related to X11 being on port 6000?
> (/etc/services shows xdm on port 177)

xdm is already not listening on 177, likely due to the line:

 DisplayManager.requestPort: 0

in /usr/X11R6/lib/X11/xdm/xdm-config. The same can be accomplished by
adding -udpPort 0 to the xdm line in /etc/ttys like this:

 ttyv8 "/usr/X11R6/bin/xdm -nodaemon -udpPort 0" xterm on secure

To make the X server stop listening on port 6000, you should edit
/usr/X11R6/lib/X11/xdm/Xsetup_0 amd add -nolisten tcp, like this:

 :0 local /usr/X11R6/bin/X -nolisten tcp

 - Tim

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Marc Rogers: "Re: some weird stuff found"
• Previous message: Chris Faulhaber: "Re: some weird stuff found"
• In reply to: Fernan Aguero: "some weird stuff found"
• Next in thread: Fernan Aguero: "Re: some weird stuff found"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages X not listening on 177 after upgrade to 7.3 ... Xorg question, but trying to get help from that group is ... ... I see Xorg listening on port 6000, but I seem to recall that xdm was ... I expect that if I could get xdm to listen then I could figure out gdm, ... (freebsd-questions) Re: Disabling X and KDM from listening on a port. ... Disabling X and KDM from listening on a port. ... 6000 is to launch xdm (configured properly ... ... Then xdm reads /etc/X11/xinit/xserverrc and launch X with the appropiate ... (Focus-Linux) RE: Disabling X and KDM from listening on a port. ... On Wed, 15 Aug 2001, Karasik, Vitaly wrote: ... > If you want to close xdm just ... It still doesn't keep X from listening to port 6000 on every interface. ... (Focus-Linux) Re: Best Plan of action for 2 forest....... ... PortQry reports the status of a port in one of the following ways: ... ..LISTENING This response indicates that a process is listening on the target ... (microsoft.public.windows.server.active_directory) Re: RealVNC ... If we are talking about RealVNC it goes this way ... Then there is default Java listening port on port 5800 on the client machine ... (microsoft.public.windows.server.sbs)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint