Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi all my question is, I ran nmap on my linuxbox and found these ports open 631tcp-1024tcp-1025tcp-6000tcp-177udp so what I wanted to know is am i safe or should i kill these ports and also how would be the best way or will a firewall be enough. I hope i get more help with this question than my last one ... thanks to all
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,602
Rep:
The 6000 and the 177udp have to do with X windows. The 1024 and 1025 are PROBABLY outgoing connections to something like telnet or ssh. Port 631 is listed as Internet Printing Protocol, I am not exactly sure what that is
To find out what is using each port type "netstat --inet -avp".
Edman. I looked at your last question. In this question you're suggesting that there was a problem with the help you got. It seemed that TK Tech was clear in what he had to say. When he posted his response, it was immedately emailed to you.
If you didn't understand his responce or needed more, the next step would have been to respond to what he had posted, and either he, or some of the other experience users would have given followups.
If you're still having problems along that line, or found an alternate route, everyone is interested. The next new user will look at the thread and learn from it. Personally, I use the search feature as reference, and would be glad to have your experience included with a good resolution to the question.
Looking at the time stamp on your post and the reponse you got, you had a reply within 4 hours of your post in the wee hours. I personally was looking at the post and about to respond when I notice while I was figuring out the best way of describing, there was a response. If I had dreamed it weren't clear to you, I would have added more.
Please post a followup on the thread you feel you're still having problems with. There are things that could be added, but we have to know what you're looking for. We could right a book on every subject but still miss the person's immediate problem.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.