FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 08-03-2008, 12:21 AM
Richard Hector
 
Default how to close port 113 ident xinetd

On Sat, 2008-08-02 at 18:17 -0500, Ron Johnson wrote:
> On 08/02/08 17:43, Ansgar Burchardt wrote:
> > Hi,
> >
> > "Jimmy Wu" <jimmywu013+debian@gmail.com> writes:
> >
> >> I tried doing an nmap scan on myself the other day and found that tcp
> >> port 113 was open. Nmap listed the service as ident. I am trying to
> >> remove this service since I don't think I need it, but I can't figure
> >> out how. I removed the package pidentd, after which nmap reported the
> >> port was still open, but changed its service description to "auth?".
> >
> > Did you restart xinetd after removing pidentd?
>
> Since the superserver only activates processes on demand, does it
> really matter that xinetd was not restarted?

That's presumably the reason for the changed description from nmap -
xinetd is still listening on the port, but can't find the program when
it tries to start it.

Removing the package has hopefully removed the relevant line from the
config file (/etc/inetd.conf?), so xinetd won't listen on that port when
it restarts.

Richard



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-03-2008, 01:03 AM
"Jimmy Wu"
 
Default how to close port 113 ident xinetd

On Sat, Aug 2, 2008 at 6:43 PM, Ansgar Burchardt <ansgar@2008.43-1.org> wrote:
> Hi,
>
> "Jimmy Wu" <jimmywu013+debian@gmail.com> writes:
>
>> I tried doing an nmap scan on myself the other day and found that tcp
>> port 113 was open. Nmap listed the service as ident. I am trying to
>> remove this service since I don't think I need it, but I can't figure
>> out how. I removed the package pidentd, after which nmap reported the
>> port was still open, but changed its service description to "auth?".
>
> Did you restart xinetd after removing pidentd?
>
> Regards,
> Ansgar

Thank you - I restarted xinetd and the port seems to be closed now (at
least according nmap and netstat). I guess since ident wasn't
mentioned in xinetd.conf, I didn't think to restart it.

Thanks again to everyone who replied,
--
Jimmy Wu
Registered Linux User #454138
() ascii ribbon campaign - against html e-mail
/ www.asciiribbon.org - against proprietary attachments


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-03-2008, 04:04 PM
Gregory Seidman
 
Default how to close port 113 ident xinetd

On Sat, Aug 02, 2008 at 09:03:10PM -0400, Jimmy Wu wrote:
> On Sat, Aug 2, 2008 at 6:43 PM, Ansgar Burchardt <ansgar@2008.43-1.org> wrote:
> > Hi,
> >
> > "Jimmy Wu" <jimmywu013+debian@gmail.com> writes:
> >
> >> I tried doing an nmap scan on myself the other day and found that tcp
> >> port 113 was open. Nmap listed the service as ident. I am trying to
> >> remove this service since I don't think I need it, but I can't figure
> >> out how. I removed the package pidentd, after which nmap reported the
> >> port was still open, but changed its service description to "auth?".
> >
> > Did you restart xinetd after removing pidentd?
> >
> > Regards,
> > Ansgar
>
> Thank you - I restarted xinetd and the port seems to be closed now (at
> least according nmap and netstat). I guess since ident wasn't
> mentioned in xinetd.conf, I didn't think to restart it.

xinetd uses separate configuration files for each of the services it
provides (assuming your /etc/xinetd.conf has the line "includedir
/etc/xinetd.d" per the Debian default). Part of the pidentd package is an
xinetd config file that is placed in the /etc/xinetd.d directory. When you
uninstalled pidentd that file was removed, but you still had to restart
xinetd for it to reread its config (which no longer included the ident
service).

> Thanks again to everyone who replied,
> Jimmy Wu
--Greg


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-04-2008, 12:45 PM
"Jimmy Wu"
 
Default how to close port 113 ident xinetd

On Sun, Aug 3, 2008 at 12:04 PM, Gregory Seidman
<gsslist+debian@anthropohedron.net> wrote:
[...]
> xinetd uses separate configuration files for each of the services it
> provides (assuming your /etc/xinetd.conf has the line "includedir
> /etc/xinetd.d" per the Debian default). Part of the pidentd package is an
> xinetd config file that is placed in the /etc/xinetd.d directory. When you
> uninstalled pidentd that file was removed, but you still had to restart
> xinetd for it to reread its config (which no longer included the ident
> service).

OK - that makes sense now. Thanks!

-- Jimmy


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 07:40 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org