cable modem activity

Mel Seder melseder-/E1597aS9LQAvxtiuMwx3w at public.gmane.org
Wed Apr 28 01:24:04 UTC 2004 

--- Kevin Cozens <kcozens-qazKcTl6WRFWk0Htik3J/w at public.gmane.org> wrote:
> Greetings, Mel.
> 
> For some reason, parts of the message got a bit garbled.
> 
> At 03:44 PM 04/23/2004, Mel Seder wrote:
> > > could have temporarily shutdown the network support (ieie/sbsbinervice
> > > network stop).
> >
> >Right you are I take it the syntax would be #/sbsbinervice network stop.  Is
> >that correct?
> 
> /sbin/service network stop
> 
> > > indicated that you have open ports for LDLDAPsome unspecified service on
> > > port 1002, and a SQSQLatabase on port 1720. Unless you need to make these
> > > ports accessible to people outside your local network, you should do
> > > something to limit access to these ports.
> >
> >Uh Oh!  My router only has the ssh port forwarded.  Come to think of it I 
> >don't
> >know how ftp,  hthttpnd possibly others are able to communicate as they have
> >not been forwarded by my router.  Is there a place to look to see if
> LDLDAPnd
> >SQSQLan be disabled?  I assume that they are not needed unless I am running
> >LDLDAPnd SQSQLhich I don't think I am running?
> 
> If you don't need LDAP services or a SQL database on your machine, you 
> should modify your startup scripts so these services won't start 
> automatically when you boot the machine. If you have it on your machine, 
> chkconfig is one way to alter which startup scripts are run at boot time. 

Hi Kevin,  thanks for your reply.  chkconfig returned the following


[mel-lwfWIikfpTg at public.gmane.org mel]$ /sbin/chkconfig --list ldap
ldap            0:off   1:off   2:off   3:off   4:off   5:off   6:off
[mel-lwfWIikfpTg at public.gmane.org mel]$ /sbin/chkconfig --list mysqld
mysqld          0:off   1:off   2:off   3:off   4:off   5:off   6:off

it looks like they haven't been turned on.


> You should also use ps and lsof to see what programs are running after your 
> machine starts and to which ports your machine is listening. And don't 
> forget to review the configuration of inetd.

There seems to be many inetd files I'm not sure which ones do what.

 Just a heads up in case you 
> haven't already done all of this.
> 


lsof produced hundreds of lines and I didn't know what to look for nor do I
know to filter the output.

ps didn't tell me very much

[mel-lwfWIikfpTg at public.gmane.org mel]$ ps
  PID TTY          TIME CMD
10642 pts/2    00:00:00 bash
10780 pts/2    00:00:00 ps
[mel-lwfWIikfpTg at public.gmane.org mel]$


> >However I'm scared to death of IPIPtablesnd fifilewalls If you
> >know of a site about momonmothaor dummies/(network impaired) newbies let me
> >know and alallthough can't prpromise'll try it I do prpromise will read it
> or
> >at least read it until I get too scared :-)

I read your links and I'm still scared :-) the word iptables makes me quiver
and tremble.


 
> 
> The MonMotha script isn't that difficult to set up. You edit a few 
> variables near the top of the script and the rest of the script builds all 
> the rules you need. The script will typically deny any inbound connections 
> except for the ports you specify.
> 
> The main site for MonMotha is:
> http://monmotha.mplug.org/firewall/
> 
> Some useful documentation about the script can be found here:
> http://www.mplug.org/phpwiki/index.php?MonMothaReferenceGuide
> 
> 
> 

Do you know how to do a port scan on remote box?


=====
The true measure of a man is how he treats someone who can do him 
absolutely no good. -Samuel Johnson, lexicographer (1709-1784)
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list