Firewall Wizards mailing list archives

RE: Ports 80, 111


From: "Frank W. Keeney" <FKeeney () hsa com>
Date: Mon, 14 Jun 1999 07:49:46 -0700

I strongly suggest using the built-in "firewall" in Linux called
ipfwadm. This will give you very fine grained control over access to any
port on your host.

My sample: http://pasadena.net/linux/linuxsecure.html

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Frank Keeney, Network Services, Home Savings of America
+1 626-814-5080 mailto:fkeeney () hsa com / mailto:frank () pasadena net
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


        ----------
        From:  Steve [SMTP:swaterman () inetllc com]
        Sent:  Friday, June 11, 1999 2:52 PM
        To:  firewall-wizards () nfr net
        Subject:  Ports 80, 111

        I'm having trouble preventing some services from running - I'm
        running Caldera 1.3 (kernel 2.0.36) with ipfwadm.

        Now for the problems:

        Netstat -an | grep LISTEN, as well as nmap, shows RPC listening
        on port 111.  I would prefer not to even run this, but Cron
        complained of not being able to make connections when I disabled
        it.  What is the best way to stop this: with a packet filter
        denying traffic on port 111 outbound?  Or do I even need to run
        it?

        And my second problem:  An nmap scan shows port 80 active and
        open, though Apache is not running; however, netstat -an | grep
        LISTEN does not show it to be listening.  I cannot figure out
        for the life of me where this is coming from!  If I connect to
        my system through a web browser, it simply says the services
        aren't available, so it's not dishing up any services.  It's
        just sitting there, acting as though it's waiting for someone to
        connect.

        I am not running *any* Internet services on this, and don't want
        anything listening, but don't know where to go, especially on
        port 80!  It is simply my router/firewall . . .

        I'm at a loss!!!

        Steve
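
The comparison described in the quoted question (what nmap reports open versus what netstat shows listening) can be scripted. This is an added example, not part of either message; the function names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -an` output (not taken from the post).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:22          192.168.1.50:1034       ESTABLISHED
udp        0      0 0.0.0.0:111             0.0.0.0:*'

# listening_ports (hypothetical helper): reads `netstat -an` text on stdin
# and prints the sorted, unique TCP ports that are in LISTEN state.
listening_ports() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
             n = split($4, part, ":")   # port is the last ":"-separated field
             print part[n]
         }' | sort -n -u
}

# unexplained_ports (hypothetical helper): $1 is a space-separated list of
# ports a scanner reported open; netstat text is read from stdin. Prints
# each scanned port that has no local listening socket.
unexplained_ports() {
    scanned=$1
    local_ports=$(listening_ports)
    for port in $scanned; do
        printf '%s\n' "$local_ports" | grep -Fqx "$port" || printf '%s\n' "$port"
    done
}

# Example run: the scan reported 80 and 111 open; only 111 has a listener.
printf '%s\n' "$SAMPLE_NETSTAT" | unexplained_ports "80 111"   # prints 80
```

On a live host, pipe `netstat -an` into `unexplained_ports` with the scanner's port list. A port printed here is being answered somewhere other than a local listening socket, so the filter rules on the host and any device between the scanner and the host are the next things to inspect.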


