GNU/Linux Desktop Survival Guide by Graham Williams |
|||||
Ports and Services |
To check which port is currently used in your Linux Server you can run the netstat command, root, to also list the ID and name of the process watching that port:
# netstat -tulpen |
You can turn services on and off by the update-inetd
command.
For example, to turn telnet off:
# update-inetd --disable telnet |
You can also manually turn services off by directly editing
/etc/inetd.conf. For example, if you have telnetd installed
(not recommended) and wish to turn it off (rather than uninstalling
it) then comment out the line in /etc/inetd.conf that starts
with telnet
and restart inetd:
# /etc/init.d/inetd restart |
7 | echo | ||
9 | discard | This is like /dev/null but for networks. This port is generally not needed, especially if you are worried about attacks. | |
13 | daytime | Prints the current date as a string (e.g.,
Mon May 23 07:14:21 2001 ). Not generally not needed. Can be
turned off to avoid possible denial of service attacks where an
attacker may link it to the echo port using spoofing. Also, the
returned format could be used to guess the operating system type. |
|
17 | quotd | ||
20 | ftp-data | ||
21 | ftp | ||
22 | ssh | ||
23 | telnet | ||
25 | smtp | ||
37 | time | prints the current time as seconds sine the epoch in machine readable form. This can be useful if network clients expect the service for crude time synchronisation (some windows clients can use this service). Otherwise it is not generally needed. | |
53 | domain | ||
70 | gopher | ||
79 | finger | ||
80 | http | ||
110 | pop3 | ||
111 | sunrpc | ||
113 | auth | The IDENT protocol. It is not useful but most IRC servers require this port to be open and returning information. Apparently some FTP servers and postgresql require this service as well. | |
119 | nntp | is the Network News Transport Service if you are running a news server (e.g., inn or cnews). Otherwise it is not needed. | |
123 | ntp | ||
143 | imap2 | ||
161 | udp | snmp | Simple Net Management Protocol |
194 | tcp | irc | Internet Relay Chat |
194 | udp | irc | |
220 | imap3 | ||
389 | tcp | ldap | Lightweight Directory Access Protocol |
443 | tcp | https | Secure HTTP |
873 | tcp | rsync | Efficient protocol for copying and syncing files. |
2049 | tcp | nfs | This port will advertise the export list for NFS. |
2049 | udp | nfs | Older versions of nfsd have bugs so make sure your nfs is up to date. |
3306 | tcp | mysql | |
6000 | X Window System | ||
6667 | udp | ircd | Internet Relay Chat |
8080 | tcp | webcache | WWW caching service |
32860 | udp | nlockmgr | Not known to be a security problem but could be turned off. |
Copyright © 1995-2006 [email protected]