From: Tim Zingelman (zingelmanfnal.gov)
Date: Thu Sep 06 2001 - 10:06:37 CDT


    On Thu, 6 Sep 2001, Fernan Aguero wrote:

    > In the last few days I started noticing strange things. Some of them
    > I do not understand and perhaps are normal things (such as being scanned)
    > and others may be more critical.
    > I appreciate any help and insight you can give me.
    >
    > Also: I need to print to a network printer but I'm not a print server.
    > Do I need 515 open?
    > How do I close those ports (25,587,515)?
    No and no. Add:

      sendmail_flags="-q30m"
      lpd_flags="-p"

    to your /etc/rc.conf. This will stop them from listening.

    > And last, I am running xdm but I only allowed connections from
    > localhost. Is this in any way related to X11 being on port 6000?
    > (/etc/services shows xdm on port 177)

    xdm is already not listening on 177, likely due to the line:

     DisplayManager.requestPort: 0

    in /usr/X11R6/lib/X11/xdm/xdm-config. The same can be accomplished by
    adding -udpPort 0 to the xdm line in /etc/ttys like this:

     ttyv8 "/usr/X11R6/bin/xdm -nodaemon -udpPort 0" xterm on secure

    To make the X server stop listening on port 6000, you should edit
    /usr/X11R6/lib/X11/xdm/Xsetup_0 and add -nolisten tcp, like this:

     :0 local /usr/X11R6/bin/X -nolisten tcp

     - Tim

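A way to confirm the result of the changes described in the message above, added here as an example and not part of the original post: the function filters `sockstat -4l`-style output for the ports named in the thread. The function and sample names are hypothetical, the sample lines are constructed, and the column layout of `sockstat -4l` (protocol in column 5, local address in column 6) is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post. Reads `sockstat -4l`-style
# lines on stdin and prints every watched proto:port that is still bound.

# Pairs from the thread: sendmail (25, 587), lpd (515), xdm (177/udp), X (6000).
WATCHED="tcp4:25 tcp4:587 tcp4:515 udp4:177 tcp4:6000"

still_listening() {
    awk -v watched="$WATCHED" '
        BEGIN { n = split(watched, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
        $1 == "USER" { next }                  # header line
        NF >= 6 {
            port = $6
            sub(/^.*:/, "", port)              # text after the last colon
            key = $5 ":" port
            if ((key in want) && !(key in seen)) { seen[key] = 1; print key, $2 }
        }'
}

# Constructed sample: listeners before the rc.conf and X changes.
sample_before() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sendmail   101   4  tcp4   *:25                  *:*
root     sendmail   101   5  tcp4   *:587                 *:*
root     lpd        115   6  tcp4   *:515                 *:*
root     sshd       120   3  tcp4   *:22                  *:*
root     XFree86    240   0  tcp4   *:6000                *:*
EOF
}

# Constructed sample: the same host after the changes and a restart.
sample_after() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       120   3  tcp4   *:22                  *:*
EOF
}

# On a live system: sockstat -4l | still_listening
```

Any line it prints names a listener the changes were meant to remove; empty output means none of the watched ports is bound.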