Re: Why are these ports open in iptables on new FC4 install?


 



Scot L. Harris wrote:
On Sun, 2006-02-12 at 09:29 +0800, John Summerfied wrote:

Scot L. Harris wrote:


Looked through the release notes and did not see anything related to
ports 5353, 50, 51, or 631.

Why is port 5353 open by default?  From searching around this appears to
have something to do with multi cast DNS which seems to be tied to Apple
iTunes.  I don't believe I installed anything that would need access to
Apple iTunes.

Nothing to do with iTunes per se. Google for zeroconf, for apple+bonjour and apple+rendezvous.



Zeroconf, have yet to find that useful.  I generally get around to
turning that off in /etc/sysconfig/network.

I read KDE 3.4 supports it, it's turned off in FC3. It's very useful to Apple users, and it could be very useful in Linux, especially for laptop users.



A lot of people are likely to want it, and most of those are not competent to configure it.

I also don't understand why ports 50 and 51 are open.  I don't plan on
setting up a VPN at the moment and I don't know why these would be open
by default on a new install.

Seems to me if you are one who's using IP6 it's something you'd want. If there's no IP6 around in your area, I don't see a problem.



So leave these ports open by default?  Seems like those would be ports I
would try to set up a service on if I managed to get into a system then.

If you can install services to use those ports, you can also fix the firewall rules.

Particularly since the majority of people are not using them for
anything.  I don't have to mess with iptables which means it is harder
for the admin to detect that I am on the system.

I don't believe that.




I'm also wondering about port 631 being open by default.  I know this is
used for ipp printing but I have not set up this machine to provide print
services yet.

If you want to print _from_ it I suspect you'll want it. Printing works better on my Linux boxes than from my OS X and Windows. Printers come and go (as seen from my laptop) depending on which LAN it's on.

If you are not running CUPS, then nobody is going to successfully send you UDP packets to port 631.



I just checked and with port 631 blocked I can still access the cups
configuration via the web browser http://localhost:631.
That's TCP, you said UDP.

You didn't say what your security setting is.


Which security setting?  Firewall is enabled, selinux is enabled.

You get to select the level during install, and there's a "security level" item in my menus that lets me change it.





--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

do not reply off-list
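
Added example, not part of the original message: a first-match walk over a constructed `iptables-save` ruleset, showing why a UDP rule for 631 says nothing about TCP 631, why `localhost:631` can still answer, and that `-p 50` / `-p 51` select IP protocols (ESP and AH) rather than ports. The ruleset, the `eth0` interface name and the function names are assumptions made for illustration.

```python
# Added example: evaluate a constructed iptables-save ruleset rule by rule.
PROTO_NAMES = {"6": "tcp", "17": "udp", "50": "esp", "51": "ah"}

# Constructed sample, not captured from a real FC4 install.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p 50 -j ACCEPT
-A INPUT -p 51 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 631 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def parse_rules(text, chain="INPUT"):
    """Return a {flag: value} dict for each rule appended to `chain`, in order."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if tok[:2] != ["-A", chain]:
            continue
        opts, i = {}, 2
        while i < len(tok):  # negation ('!') and port ranges are not handled
            has_value = i + 1 < len(tok) and not tok[i + 1].startswith("-")
            opts[tok[i]] = tok[i + 1] if has_value else ""
            i += 2 if has_value else 1
        proto = opts.get("-p", "all")
        opts["-p"] = PROTO_NAMES.get(proto, proto)  # '-p 50' is ESP, not a port
        rules.append(opts)
    return rules

def verdict(rules, iface, proto, dport=None):
    """Target of the first rule matching a NEW inbound packet; None = chain policy."""
    for r in rules:
        if "--state" in r:  # the sample's state rule only covers reply traffic
            continue
        if r.get("-i", iface) != iface or r["-p"] not in ("all", proto):
            continue
        if "--dport" in r and r["--dport"] != str(dport):
            continue
        return r.get("-j")
    return None

if __name__ == "__main__":
    rules = parse_rules(SAMPLE)
    for probe in [("eth0", "udp", 631), ("eth0", "tcp", 631), ("lo", "tcp", 631)]:
        print(probe, "->", verdict(rules, *probe))
```

On a live system the input would come from `iptables-save` run as root instead of `SAMPLE`.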

