Hi,
I am new to Solaris. I have done a new installation of the 10 on a sparc and it went well. I need to block all the unwanted ports, for this i have edited the /etc/services. After a rebooted, i don't see any effect, i can see the ports are still listening.
Any help is appreciated.
Tx.
Commenting out lines in /etc/services isn't the way to go about disabling services.
You need to find out what is actually the controlling application/server utilizing that port and disable it.
To see what parts are currently available use netstat -a -f inet. If that doesn't give you enough information install lsof and use its output to identify what application is utilizing what port. Once you identify the application you can disable it with svcadm.
For example: If you see port 25/tcp as available, netstat will report that as smtp and lsof will identify it as sendmail. You can then disable it with svcadm disable sendmail . Now if you do a netstat -a -f inet you won't see port 25/tcp listening any more.
Thanks for your reply.
I have already used svcadm to disable many services. I need to block these ports....
*.32776 *.*00 491520 LISTEN
*.32777 *.*00 491520 LISTEN
*.32778 *.*00 491520 LISTEN
*.32803 *.*00 491520 BOUND
*.898*.*00 491520 LISTEN
*.5988*.*00 491520 LISTEN
*.5987*.*00 491520 LISTEN
*.32804 *.*00 491520 LISTEN
Tx.
'lsof' or 'pfiles' can show the ports open by a process (and let you figure out which process has a port open).
The OS doesn't really block ports directly. The easiest methods to deal with these would be to either stop the processes from opening the port, or use 'ipf' (which comes with Solaris 10) as a firewall to stop external traffic from reaching those ports.
--
Darren
