Re: GNOME security.

To: Sergio Brandano <sb@dcs.qmw.ac.uk>
Cc: debian-security@lists.debian.org
Subject: Re: GNOME security.
From: Ethan Benson <erbenson@alaska.net>
Date: Wed, 22 Mar 2000 04:33:07 -0900
Message-id: <[🔎] 20000322043307.F2677@plato.localdomain.local>
In-reply-to: <[🔎] 200003221324.NAA19938@copper.dcs.qmw.ac.uk>; from sb@dcs.qmw.ac.uk on Wed, Mar 22, 2000 at 01:24:31PM +0000
References: <[🔎] Pine.LNX.4.21.0003220123500.29661-100000@cornerstone.core.aoi> <[🔎] 20000322123633.E25188@mors.wiggy.net> <wichert@cistron.nl> <[🔎] 200003221324.NAA19938@copper.dcs.qmw.ac.uk>

On Wed, Mar 22, 2000 at 01:24:31PM +0000, Sergio Brandano wrote:
> 
>  Alexander Hvostov wrote:
> 
> > Would anyone happen to know if it's possible (without hacking the sources
> > and breaking something) to disable the TCP listen ports that a great deal
> > of GNOME apps seem to listen on?
> 
>  I have the same need. Also, the following thing occours with exactly?
>  the same configuration:
> 
>  on i686:
> 
> Port    State       Protocol  Service
> 22      open        tcp        ssh             
> 80      open        tcp        http            
> 487     open        tcp        saft            
> 515     open        tcp        printer         
> 1026    open        tcp        nterm           
> 6000    open        tcp        X11             
> 12345   open        tcp        NetBus
> 
>  on ppc:
> 
> Port    State       Protocol  Service
> 22      open        tcp        ssh             
> 515     open        tcp        printer         
> 6000    open        tcp        X11             
> 12345   open        tcp        NetBus   
> 
>  Is there any particular reason why saft, printer and nterm have to
>  appear? I do not want to give that service, and I could not find the
>  way of getting rid of them. Also, is X11 *really* needed?
>  Feedback welcome!

saft is controlled from /etc/inetd.conf at least it was when i somehow
ended up with it.  printer is lpd, /etc/init.d/lprng stop.  X11 is
opened whenever you start X, no way around that, a ipchains rule is
the best way to deal with X IMO. Netbus and nterm, no idea.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Reply to:

Follow-Ups:
- Re: GNOME security.
  - From: Sergio Brandano <sb@dcs.qmw.ac.uk>
- Re: GNOME security.
  - From: Ingemar Fällman <Ingemar.Fallman@UMDAC.UmU.SE>
- Re: GNOME security.
  - From: Giacomo Mulas <gmulas@ca.astro.it>
- Re: GNOME security.
  - From: Sergio Brandano <sb@dcs.qmw.ac.uk>

References:
- GNOME security.
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>
- Re: GNOME security.
  - From: Wichert Akkerman <wichert@cistron.nl>
- Re: GNOME security.
  - From: Sergio Brandano <sb@dcs.qmw.ac.uk>

Prev by Date: Re: GNOME security.
Next by Date: Re: GNOME security.
Previous by thread: Re: GNOME security.
Next by thread: Re: GNOME security.
Index(es):
- Date
- Thread