netstat? How do I change rules in it?

**Binxalot** · 02-15-2008

If I do netstat -ltn on my systm it lists all of the ports that are open and listening. Here is what it relays to me:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN

I know 127.0.0.1 is the loopback, but how do I turn off these other ports from listening? I looked up port 111 and it's open to attacks and I want to turn off whatever is listening on that port and then close that up before something bad happens. Same for port 3306, I can't even find any information about this port online, but again, I'd rather just turn off whatever is trying to use that port and take a better safe than sorry approach to securing my server.

**anomie** · 02-15-2008

What distro is this?

For a little more info (daemon responsible for the listening port), try:
# netstat -ltnp

Managing services is sometimes distro-dependent. e.g. RH family uses chkconfig.

**Binxalot** · 02-15-2008

Sorry, I'm using Fedora 7. So I run chkconfig and it will show me whats running and what's not?

**anomie** · 02-15-2008

To see which services are enabled (and in which runlevels) you can use:
# chkconfig --list | less

Any services you want to shut off you can use:
# chkconfig service_here off

Note that this takes effect after a reboot. You can use the addition step of stopping the service via its /etc/init.d/script_here script if you'd like to avoid a reboot.

For more info on chkconfig, see man 8 chkconfig.

Thread Tools

Display

netstat? How do I change rules in it?

Fedora

Posting Permissions