CloseOpenPortsSlackware

Close the last open ports on Slackware

This is written at 2:00am, so excuse all typos and imprecise working...

Scanning your Slackware machine with nmap gives you the following results:

bash-3.1$ sudo nmap -O 192.168.0.200
Password: 
          
Starting Nmap 5.00 ( http://nmap.org ) at 2011-10-29 02:33 CEST
Interesting ports on galactus.gilandre.org (192.168.0.200):
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
37/tcp  open  time
113/tcp open  auth
MAC Address: 77:99:BC:63:1B:6C (Unknown)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
[...etc...]

Yes, I want ssh to be opened, but what about the other two?

It's simple enough to correct:

1. Edit the /etc/inetd.conf file

In that file, you should comment the lines starting with time and auth.

Save the file, and then...:

2. Stop the inetd daemon

Again, this is as simple as:

root@galactus:~# /etc/rc.d/rc.inetd stop

Once the inetd daemon is stopped, make sure it will never restart again:

root@galactus:/etc/rc.d# chmod -v a-x ./rc.inetd
mode of `./rc.inetd' changed to 0644 (rw-r--r--)

3. Check everything is OK

First, check that inetd is not running:

root@galactus:~# ps faxu | grep -i [i]netd
root@galactus:~#                                            <-- nothing!   :-)

Next, do the nmap test again:

bash-3.1$ sudo nmap -O 192.168.0.200
Password: 
          
Starting Nmap 5.00 ( http://nmap.org ) at 2011-10-29 02:40 CEST
Interesting ports on galactus.gilandre.org (192.168.0.200):
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 77:99:BC:63:1B:6C (Unknown)
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
[...etc...]

That's it! Nothing runs anymore on the machine, except for ssh, and you can harden ssh by installing deny hosts, which is quick, easy and very effective!

See Also: