Why are these ports open in iptables on new FC4 install?
John Summerfied
debian at herakles.homelinux.org
Sun Feb 12 22:30:18 UTC 2006
Scot L. Harris wrote:
> On Sun, 2006-02-12 at 09:29 +0800, John Summerfied wrote:
>
>>Scot L. Harris wrote:
>>
>>
>>>Looked through the release notes and did not see anything related to
>>>ports 5353, 50, 51, or 631.
>>>
>>>Why is port 5353 open by default? From searching around this appears to
>>>have something to do with multi cast DNS which seems to be tied to Apple
>>>iTunes. I don't believe I installed anything that would need access to
>>>Apple iTunes.
>>
>>Nothing to do with iTunes per se. Google for zeroconf, for apple+bonjour
>>and apple+rendezvous
>>
>
>
> Zeroconf, have yet to find that useful. I generally get around to
> turning that off in /etc/sysconfig/network.
I read KDE 3.4 supports it, it's turned off in FC3. It's very useful to
Apple users, and it could be very useful in Linux, especially for laptop
users.
>
>
>>A lot of people are likely to want it, and most of those are not
>>competent to configure it.
>>
>>>I also don't understand why ports 50 and 51 are open. I don't plan on
>>>setting up a VPN at the moment and I don't know why these would be open
>>>by default on a new install.
>>
>>Seems to me if you are one who's using IP6 it's something you'd want. If
>>there's no IP6 around in your area, I don't see a problem.
>>
>
>
> So leave these ports open by default? Seems like those would be ports I
> would try to set up a service on if I managed to get into a system then.
If you can install services to use those ports, you can also fix the
firewall rules.
> Particularly since the majority of people are not using them for
> anything. I don't have to mess with iptables which means it is harder
> for the admin to detect that I am on the system.
I don't believe that.
>
>
>
>>>I'm also wondering about port 631 being open by default. I know this is
>>>used for ipp printing but I have not set up this machine to provide print
>>>services yet.
>>
>>If you want to print _from_ it I suspect you'll want it. Printing works
>>better on my Linux boxes than from my OS X and Windows. Printers come
>>and go (as seen from my laptop) depending on which LAN it's on.
>>
>>If you are not running CUPS, then nobody is going to successfully send you
>>UDP packets to port 631.
>>
>
>
> I just checked and with port 631 blocked I can still access the cups
> configuration via the web browser http://localhost:631.
That's TCP, you said UDP.
>>You didn't say what your security setting is.
>
>
> Which security setting? Firewall is enabled, selinux is enabled.
You get to select the level during install, and there's a "security
level" item in my menus that lets me change it.
--
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list
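
As an added example (not part of the original message), the sketch below applies first-match evaluation to a constructed ruleset in iptables-save syntax to show the distinctions this thread turns on: a UDP rule for 631 does not cover TCP 631, and `-p 50` / `-p 51` select IP protocols (ESP and AH) rather than TCP or UDP ports. The ruleset, the loopback rule and the function names are assumptions made for illustration.

```python
import shlex

# Constructed sample in iptables-save syntax (not taken from the thread);
# it assumes a ruleset of the kind the posters describe.
SAMPLE_RULES = """\
-A INPUT -i lo -j ACCEPT
-A INPUT -p 50 -j ACCEPT
-A INPUT -p 51 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 631 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""

# IANA IP protocol numbers: a rule "-p 50" matches a protocol, not a port.
PROTO_NAMES = {"1": "icmp", "6": "tcp", "17": "udp", "50": "esp", "51": "ah"}


def parse_rule(line):
    """Turn one '-A CHAIN ...' line into a dict of the fields modelled here."""
    tok = shlex.split(line)
    rule = {"iface": None, "proto": None, "dport": None, "target": None}
    flags = {"-i": "iface", "-p": "proto", "--dport": "dport", "-j": "target"}
    for i, t in enumerate(tok[:-1]):
        if t in flags:
            rule[flags[t]] = tok[i + 1]
    if rule["proto"]:
        rule["proto"] = PROTO_NAMES.get(rule["proto"], rule["proto"])
    return rule


def parse_rules(text):
    """Parse every rule line of an iptables-save style listing, in order."""
    return [parse_rule(l) for l in text.splitlines() if l.startswith("-A ")]


def verdict(rules, proto, dport=None, iface="eth0"):
    """First-match verdict for a packet; a field a rule omits matches anything."""
    for r in rules:
        if r["iface"] not in (None, iface):
            continue
        if r["proto"] not in (None, proto):
            continue
        if r["dport"] not in (None, str(dport)):
            continue
        return r["target"]
    return "POLICY"  # no rule matched: the chain policy would decide
```

With this ruleset, a TCP connection to port 631 arriving on `lo` is accepted by the loopback rule while the same connection arriving on `eth0` is rejected, and UDP 631 is accepted on either interface.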