Go to TogaWare.com Home Page.
GNU/Linux Desktop Survival Guide
by Graham Williams

Ports and Services

To check which port is currently used in your Linux Server you can run the netstat command, root, to also list the ID and name of the process watching that port:

  # netstat -tulpen

You can turn services on and off by the update-inetd command. For example, to turn telnet off:

  # update-inetd --disable telnet

You can also manually turn services off by directly editing /etc/inetd.conf. For example, if you have telnetd installed (not recommended) and wish to turn it off (rather than uninstalling it) then comment out the line in /etc/inetd.conf that starts with telnet and restart inetd:

  # /etc/init.d/inetd restart

7   echo  
9   discard This is like /dev/null but for networks. This port is generally not needed, especially if you are worried about attacks.
13   daytime Prints the current date as a string (e.g., Mon May 23 07:14:21 2001). Not generally not needed. Can be turned off to avoid possible denial of service attacks where an attacker may link it to the echo port using spoofing. Also, the returned format could be used to guess the operating system type.
17   quotd  
20   ftp-data  
21   ftp  
22   ssh  
23   telnet  
25   smtp  
37   time prints the current time as seconds sine the epoch in machine readable form. This can be useful if network clients expect the service for crude time synchronisation (some windows clients can use this service). Otherwise it is not generally needed.
53   domain  
70   gopher  
79   finger  
80   http  
110   pop3  
111   sunrpc  
113   auth The IDENT protocol. It is not useful but most IRC servers require this port to be open and returning information. Apparently some FTP servers and postgresql require this service as well.
119   nntp is the Network News Transport Service if you are running a news server (e.g., inn or cnews). Otherwise it is not needed.
123   ntp  
143   imap2  
161 udp snmp Simple Net Management Protocol
194 tcp irc Internet Relay Chat
194 udp irc  
220   imap3  
389 tcp ldap Lightweight Directory Access Protocol
443 tcp https Secure HTTP
873 tcp rsync Efficient protocol for copying and syncing files.
2049 tcp nfs This port will advertise the export list for NFS.
2049 udp nfs Older versions of nfsd have bugs so make sure your nfs is up to date.
3306 tcp mysql  
6000   X Window System  
6667 udp ircd Internet Relay Chat
8080 tcp webcache WWW caching service
32860 udp nlockmgr Not known to be a security problem but could be turned off.

Copyright © 1995-2006 [email protected]
Contribue and access the PDF Version