Hey all I Iam running mdk 7.1 and did a netstat -l(or an) and found these ports open
111 tcp,111 udp, 177 udp,515tcp,1024tcp,600tcp I wanted to know if I need these open and if not how to close them. I am running portsentry. TIA to all

oops 6000 tcp sorry

Well locoguy,
Using http://www2.dgsys.com/~lkh/ipnumb.html as a guide for the ports and thier uses. Here is a run down of the services that are using those ports.

sunrpc 111/tcp SUN Remote Procedure Call
sunrpc 111/udp SUN Remote Procedure Call

uucp-path 117/tcp UUCP Path Service
uucp-path 117/udp UUCP Path Service

printer 515/tcp spooler
printer 515/udp spooler

1024/tcp Reserved
1024/udp Reserved
x11 6000-6063/tcp X Window System
x11 6000-6063/udp X Window System

Port:111 I would shut down after I figured out what it was doing open.

Port:177 I dont know, I would research uucp and see about that one.

Port:515 This is your printer. If it is accepting connections from other computers, they will be able to print from your printer. Kill it if you don't have a printer hooked up.

Port: 1024 is reserved, nothing uses it, except maybe trojans and such. Kill It.

Port:6000 this is for your x windows, If you run X, leave it alone. If you are a command line only person, It is safe to kill.

------------------
[X] YES! I'm a brain-damaged lemur on crack, and I'd like to order your software package for $459.95!

Your 111/Sun RPC port is used by Portmap, which maps ports (imagine that) for NFS and NIS services. If you're not using these services, then you can disable portmap on startup close that port.

I think its actually possible to set X into a mode where it doesn't use the network and close that port... I don't use X, though, so I haven't done it myself...

Yep, you can turn off X's listening by changing the line that says

ServerArgs=""

to

ServerArgs="-nolisten tcp"

in your startx script..

Reasons you might not want to do this: No more running multiple sessions of X at the same time..
You couldn't su to root in a terminal and execute anything that requires X
Might be more, but those are the two issues I know of.. You could just simply make an ipchains rule denying packets to port 6000... except for localhost ofcourse.

[X] YES! I'm a brain-damaged lemur on crack, and I'd like to order your software package for $459.95!


Hey jesterspet...

don't you mean a "lemming"
They're the ones that jump off cliffs cuz all their buddies do it (and population control).

http://www.linuxnewbie.org/ubb/smile.gif

NO http://www.linuxnewbie.org/ubb/mad.gif

I am a brain damaged lemur on crack. I make strange sounds and climb all over shiny things. http://www.linuxnewbie.org/ubb/rolleyes.gif

Brain damaged lemmings on crack on the other hand tend to wander all over the place and never seem to get close to shiny things and when they do, they don't last long. http://www.linuxnewbie.org/ubb/rolleyes.gif

I just need dangly shiny things and a post to rub on to make my day http://www.linuxnewbie.org/ubb/biggrin.gif

LOL!


You can edit ports/services *depending on distro* via /etc/services



------------------
---=== SYSTEM RULES ===--
1. Do not post crap
2. Obey rule #1
3. Only post stuff that rule #2 allows