xorg and -nolisten - X
xorg and -nolisten
I've read a lot of info on this and made the recommended entries
but I still get:
~$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:631 *:* LISTEN
I'm using Slackware 10 and I like to get this turned off.
-
Re: xorg and -nolisten
On Thu, 21 Oct 2004 18:05:14 GMT, Marcus Monserrate staggered into the
Black Sun and said:
> I've read a lot of info on this and made the recommended entries
What were the exact changes that you made? Which files did you change?
Read http://catb.org/~esr/faqs/smart-questions.html , please.
> but I still get:
> ~$ netstat -a
> tcp 0 0 *:x11 *:* LISTEN
> tcp 0 0 *:631 *:* LISTEN
> I'm using Slackware 10 and [I'd] like to get this turned off.
If you don't want your X to listen to XDMCP or Chooser requests, you
should put this line
DisplayManager.requestPort: 0
in your /etc/X11/xdm/xdm-config file and restart X. Your
/etc/X11/xdm/Xservers file may have a line in it like so:
:0 local /usr/X11R6/bin/X -nolisten tcp
...which will make it so that X doesn't listen for TCP connections. The
format of that file is display name, type (local or foreign), and
command to run (for local displays only). HTH,
--
Matt G|There is no Darkness in Eternity/But only Light too dim for us to see
Brainbench MVP for Linux Admin / mail: TRAP + SPAN don't belong
http://www.brainbench.com / Hire me!
-----------------------------/ http://crow202.dyndns.org/~mhgraham/resume
-
Re: xorg and -nolisten
On 10-21-2004, in comp.os.linux.x,
Marcus Monserrate wrote:
> I've read a lot of info on this and made the recommended entries
> but I still get:
>
> ~$ netstat -a
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> tcp 0 0 *:631 *:* LISTEN
>
> I'm using Slackware 10 and I like to get this turned off.
Did someone not already mention asking a better question?
I'd be guessing tcp:631 is cups. You can "turn-it-off" completely by
removing the cups package or making /etc/rc.d/rc.cups
non-executable. Yep, these two methods will kill the cups service
and you won't be printing anything if you rely on cups for printing.
But then, you only said you wanted to turn it off.
Max
--
This is Linux country my good man, on a quiet night you can
hear the sound of Windows rebooting.
-
Re: xorg and -nolisten
Thank you for understanding my question. I apologize to all
for not being more clear. To be clear, what I'd like is to
have these needed services to stop listening.
Here are the files and the entries that I have edited
From: security-quickstart-howto
/etc/X11/xdm/Xservers
:0 local /usr/X11R6/bin/X -nolisten tcp
/etc/inittab
xdm -udpPort 0
From: Step by Step: Secure Slackware 8.0 Workstation
Andrew Nall
GCUX Practical Assignment v.1.9 - Option 1
/usr/X11R6/bin/startx
defaultserverargs="-nolisten tcp"
And the results that I'm still getting are:
~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:631 *:* LISTEN
udp 0 0 *:631 *:*
~# nmap localhost
Interesting ports on localhost (127.0.0.1):
(The 1657 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
631/tcp open ipp
6000/tcp open X11
Dances With Crows wrote:
> On Thu, 21 Oct 2004 18:05:14 GMT, Marcus Monserrate staggered into the
> Black Sun and said:
>
>>I've read a lot of info on this and made the recommended entries
>
>
> What were the exact changes that you made? Which files did you change?
> Read http://catb.org/~esr/faqs/smart-questions.html , please.
>
>
>>but I still get:
>>~$ netstat -a
>>tcp 0 0 *:x11 *:* LISTEN
>>tcp 0 0 *:631 *:* LISTEN
>>I'm using Slackware 10 and [I'd] like to get this turned off.
>
>
> If you don't want your X to listen to XDMCP or Chooser requests, you
> should put this line
>
> DisplayManager.requestPort: 0
>
> in your /etc/X11/xdm/xdm-config file and restart X. Your
> /etc/X11/xdm/Xservers file may have a line in it like so:
>
> :0 local /usr/X11R6/bin/X -nolisten tcp
>
> ...which will make it so that X doesn't listen for TCP connections. The
> format of that file is display name, type (local or foreign), and
> command to run (for local displays only). HTH,
>
-
Re: xorg and -nolisten
Well, happy new results. I found this post doing a google.
"Subject: Re: Xnest generates errors - possible Slack bug?
Newsgroups: alt.os.linux.slackware
Date: 2004-07-25 01:54:23 PST
...the only tweak i made of the configuration of the X server launched by
kdm (do you use kdm ?) is to add -nolisten tcp at the end of the only
uncommented line of /opt/kde/share/config/kdm/Xservers ..."
So, if one happens to be running xorg, kdm, kde and maybe even slack 10
and for added security the -nolisten tcp is desired, then this file
/opt/kde/share/config/kdm/Xservers may give the same happy results.
netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:631 *:* LISTEN
udp 0 0 *:631 *:*
nmap localhost
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-10-24 01:39 EDT
Interesting ports on localhost (127.0.0.1):
(The 1658 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
631/tcp open ipp
Nmap run completed -- 1 IP address (1 host up) scanned in 0.621 seconds
And now on to cups to see what if anything can be done there.
But, I'm sure I need to take that to the appropriate newsgroup.
-
Re: xorg and -nolisten
You could use netstat like this, to get some more info:
netstat --ip -anp
this shows the processes AND their connections.
This way you don't have to 'guess' what port is handled by what process.
Kirth
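
Added example, not part of any poster's message: a shell audit that combines the two checks this thread arrives at, mapping an X11 TCP listener to its owning process from `netstat --ip -anp` output and flagging local-display lines in an Xservers file that lack `-nolisten tcp`. The function names, the sample output and its PIDs are constructed for illustration; the 6000-6063 port range and the `local@tty`-style type match are assumptions.

```shell
#!/bin/sh
# Added example: find X servers reachable over TCP and the Xservers line at fault.

# Constructed sample of `netstat --ip -anp` output (PIDs are made up).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:6000     0.0.0.0:*        LISTEN  1187/X
tcp        0      0 0.0.0.0:631      0.0.0.0:*        LISTEN  1042/cupsd
udp        0      0 0.0.0.0:631      0.0.0.0:*                1042/cupsd'

# Reads `netstat --ip -anp` output on stdin; prints "port pid/program" for
# each TCP listener on an X11 port (6000 + display number; the range
# 6000-6063 is the one checked here, an assumption of this example).
x11_tcp_listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, a, ":"); port = a[n] + 0
        if (port >= 6000 && port <= 6063) print port, $7
    }'
}

# Prints the local-display lines of an Xservers file ($1) whose server
# command lacks "-nolisten tcp". Uses the format described in the thread:
# display name, type, command. Types such as "local@tty1" are matched too.
xservers_missing_nolisten() {
    awk '(!/^[ \t]*#/) && ($2 ~ /^local/) && (!/-nolisten[ \t]+tcp/) {
        print FILENAME ": " $0
    }' "$1"
}

# Demo: parse the constructed sample, then audit the two Xservers paths
# named in the thread if they exist on this machine.
printf '%s\n' "$SAMPLE_NETSTAT" | x11_tcp_listeners
for f in /etc/X11/xdm/Xservers /opt/kde/share/config/kdm/Xservers; do
    if [ -r "$f" ]; then xservers_missing_nolisten "$f"; fi
done
```

On a live system, pipe `netstat --ip -anp` (run as root so the PID column is filled in) into `x11_tcp_listeners` in place of the sample.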
-
Re: xorg and -nolisten
This will be very useful, thank you.
Kirth Gersen wrote:
> You could use netstat like this, to get some more info:
>
> netstat --ip -anp
>
> this shows the processes AND their connections.
> This way you don't have to 'guess' what port is handled by what process.
>
> Kirth
>
>