cable modem activity
Mel Seder
melseder-/E1597aS9LQAvxtiuMwx3w at public.gmane.org
Wed Apr 28 01:01:52 UTC 2004
--- Kevin Cozens <kcozens-qazKcTl6WRFWk0Htik3J/w at public.gmane.org> wrote:
> Greetings, Mel.
>
> For some reason, parts of the message got a bit garbled.
>
> At 03:44 PM 04/23/2004, Mel Seder wrote:
> > > could have temporarily shutdown the network support (ieie/sbsbinervice
> > > network stop).
> >
> >Right you are I take it the syntax would be #/sbsbinervice network stop. Is
> >that correct?
>
> /sbin/service network stop
>
> > > indicated that you have open ports for LDLDAPsome unspecified service on
> > > port 1002, and a SQSQLatabase on port 1720. Unless you need to make these
> > > ports accessible to people outside your local network, you should do
> > > something to limit access to these ports.
> >
> >Uh Oh! My router only has the ssh port forwarded. Come to think of it I
> >don't
> >know how ftp, hthttpnd possibly others are able to communicate as they have
> >not been forwarded by my router. Is there a place to look to see if
> LDLDAPnd
> >SQSQLan be disabled? I assume that they are not needed unless I am running
> >LDLDAPnd SQSQLhich I don't think I am running?
>
> If you don't need LDAP services or a SQL database on your machine, you
> should modify your startup scripts so these services won't start
> automatically when you boot the machine. If you have it on your machine,
> chkconfig is one way to alter which startup scripts are run at boot time.
I ran chkconfig and got the following
[mel-lwfWIikfpTg at public.gmane.org mel]$ /sbin/chkconfig --list ldap
ldap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[mel-lwfWIikfpTg at public.gmane.org mel]$ /sbin/chkconfig --list mysqld
mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[mel-lwfWIikfpTg at public.gmane.org mel]$
it looks like they are off so I don't know why they appeared on a port scan ??
ps didn't show very much. Do I need parameters? If so what are they?
[mel-lwfWIikfpTg at public.gmane.org mel]$ ps
PID TTY TIME CMD
10642 pts/2 00:00:00 bash
10780 pts/2 00:00:00 ps
[mel-lwfWIikfpTg at public.gmane.org mel]$
> You should also use ps and lsof to see what programs are running after your
> machine starts and to which ports your machine is listening.
I ran lsof and got hundreds of lines of output. I don't know what to look for
and how to filter the output.
And don't
> forget to review the configuration of inetd. Just a heads up in case you
> haven't already done all of this.
>
> >However I'm scared to death of IPIPtablesnd fifilewalls If you
> >know of a site about momonmothaor dummies/(network impaired) newbies let me
> >know and alallthough can't prpromise'll try it I do prpromise will read it
> or
> >at least read it until I get too scared :-)
>
> The MonMotha script isn't that difficult to set up. You edit a few
> variables near the top of the script and the rest of the script builds all
> the rules you need. The script will typically deny any inbound connections
> except for the ports you specify.
>
> The main site for MonMotha is:
> http://monmotha.mplug.org/firewall/
>
> Some useful documentation about the script can be found here:
> http://www.mplug.org/phpwiki/index.php?MonMothaReferenceGuide
>
>
>
> Cheers!
>
> Kevin. (http://www.interlog.com/~kcozens/)
>
> Owner of Elecraft K2 #2172 |"What are we going to do today, Borg?"
> E-mail:kcozens at interlog dot com|"Same thing we always do, Pinkutus:
> Packet:ve3syb-XXPEJ3/fxIc at public.gmane.org#con.on.ca.na| Try to assimilate the world!"
> #include <disclaimer/favourite> | -Pinkutus & the Borg
>
> --
> The Toronto Linux Users Group. Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
=====
The true measure of a man is how he treats someone who can do him
absolutely no good. -Samuel Johnson, lexicographer (1709-1784)
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list