FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 08-02-2008, 10:23 PM
"Jimmy Wu"
 
Default how to close port 113 ident xinetd

Hi,

I tried doing an nmap scan on myself the other day and found that tcp
port 113 was open. Nmap listed the service as ident. I am trying to
remove this service since I don't think I need it, but I can't figure
out how. I removed the package pidentd, after which nmap reported the
port was still open, but changed its service description to "auth?".
I have no other identd related packages installed on my system. I
used netstat to find the process listening on port 113 and it seems to
be xinetd. The exact listing of the process in `ps` is
root 6766 1 0 17:45 ? 00:00:00 /usr/sbin/xinetd
-pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6

I've pasted my /etc/xinetd.conf file at the end - it is really short
and doesn't contain anything relating to ident. An ls on
/etc/xinetd.d shows these files:
chargen daytime discard echo time

I should also mention that xinet seems only to be listening on the
default ipv6 address ::, and not on any ipv4 addresses.

I don't think removing xinetd is the right way to go, but I haven't
been able to find any answers on google. And I don't want to go about
blocking ports on my firewall as that doesn't seem to me like a real
solution - I just want to stop/remove the process that is listening on
this port.

Thanks in advance for your help!

--
Jimmy Wu
Registered Linux User #454138
() ascii ribbon campaign - against html e-mail
/ www.asciiribbon.org - against proprietary attachments

$cat xinetd.conf
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{

# Please note that you need a log_type line to be able to use log_on_success
# and log_on_failure. The default is the following :
# log_type = SYSLOG daemon info

}

includedir /etc/xinetd.d


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-02-2008, 10:43 PM
Ansgar Burchardt
 
Default how to close port 113 ident xinetd

Hi,

"Jimmy Wu" <jimmywu013+debian@gmail.com> writes:

> I tried doing an nmap scan on myself the other day and found that tcp
> port 113 was open. Nmap listed the service as ident. I am trying to
> remove this service since I don't think I need it, but I can't figure
> out how. I removed the package pidentd, after which nmap reported the
> port was still open, but changed its service description to "auth?".

Did you restart xinetd after removing pidentd?

Regards,
Ansgar

--
PGP: 1024D/595FAD19 739E 2D09 0969 BEA9 9797 B055 DDB0 2FF7 595F AD19


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-02-2008, 11:17 PM
Ron Johnson
 
Default how to close port 113 ident xinetd

On 08/02/08 17:43, Ansgar Burchardt wrote:

Hi,

"Jimmy Wu" <jimmywu013+debian@gmail.com> writes:


I tried doing an nmap scan on myself the other day and found that tcp
port 113 was open. Nmap listed the service as ident. I am trying to
remove this service since I don't think I need it, but I can't figure
out how. I removed the package pidentd, after which nmap reported the
port was still open, but changed its service description to "auth?".


Did you restart xinetd after removing pidentd?


Since the superserver only activates processes on demand, does it
really matter that xinetd was not restarted?


--
Ron Johnson, Jr.
Jefferson LA USA

Scientists are people, too. IOW, they also "crave power, money,
respect, and influence, and they also fear for their jobs. Each
can be a healthy motivator, but each has the ability to turn a
good scientist into a bad one; and in some cases, they can turn
a good scientist into a charlatan."
http://thefutureofthings.com/book/3/the-bomb-that-never-was.html


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 07:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org