Morning

I've just recently installed slackware 9 to find all kinds of open ports. TCP ports I've figured out how to close by using the scripts in /etc/rc.d.
When I use nmap to check open UDP ports I'm finding all of these open ports:

68/udp open dhcpclient
113/udp open auth
455/udp open creativepartnr
1346/udp open alta-ana-lm
1351/udp open equationbuilder
1373/udp open chromagrafx
1375/udp open bytex

I've seen nothing within the rc scripts that would reveal why these ports are open. Any help appreciated.

Graydon

these ports are open by some of the services that are running on your system. These services are started by one of your init scripts. First search for what services these ports are associated with , then it will be easy for you to stop them.

You can perform a more thorugh test of your system from :

http://grc.com

and select the "Shield's UP test". It is very useful and they have links about how to stop those services and secure your box.

I'm not an expert on the subject but i would recomend you to not only stop de daemons that you don't need, but also to build a simple iptables rule to DENY every packet sent to 1:1024 ports. Just don't forget to put the ones you need open also :)

I can't remember having all those ports open from a default installation of Slackware. When i first installed Slack i nmaped my system and then commented out everythng in inetd and the rc files and that seemed to close everything off.

I've ran shields up and it has shown my system to be in almost full stealth mode except for bootps ports 67-68.
As for inetd an rc I've comented almost everything out but I'll be going through it once again to see wht else i don't need.
thanks

Graydon