- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- how do I disable the services that are listening i...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2007 03:56 AM
01-31-2007 03:56 AM
Our security team is asking us fix some security holes in HP servers. rp8420, hp-ux 11i v2.
Following are the services needs to be removed. Can Someone tell what command to use to disable these services?
Webservices without encryption listening on
tcp/381 and tcp/383
SMTP services on tcp/25 and tcp/587
portmapper tcp/111
We do not require these services.
When I did the "netstat -rn" I see these services are listening in these ports.
Thanks for your help,
kesh
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2007 03:59 AM
01-31-2007 03:59 AM
Re: how do I disable the services that are listening in certain tcp ports
Depending on the web services you use, you might need to reconfigure their configuration files.
Not much time to check everything myself right now, but the above should get you on your way :)
Cheers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2007 04:15 AM
01-31-2007 04:15 AM
SolutionNow for the second class of services, things are a bit more tricky although the vast majority of them are started by rc scripts. Look in /sbin/init.d for the desired service. You may simply want to "grep -i 'smtp' *" to help you find the applicable script. Now there is almost always a configuration file located in /etc/rc.config.d of the same name as the script in /sbin/init.d. Before you edit the configuratiuon file, you should first stop the service. For example, let's suppose that you want to disable webadmin. First "/sbin/init.d/webadmin stop"; next edit /etc/rc.config.d/webadmin and set WEBADMIN=0. This will prevent the service from starting on the next boot. A few services might be started by init, so you should also examine /etc/inittab --- but this is a seldom used mechanisn these days.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2007 05:40 AM
01-31-2007 05:40 AM
Re: how do I disable the services that are listening in certain tcp ports
Thanks for your detailed response. It is a lot of help.
kesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2007 12:43 PM
01-31-2007 12:43 PM
Re: how do I disable the services that are listening in certain tcp ports
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-05-2008 12:34 PM
03-05-2008 12:34 PM
Re: how do I disable the services that are listening in certain tcp ports
I disable the portmapper adding a # character at the beginnind of the file /etc/services, but the vulnerability test report the port 111 open.
Do you have any idea how disable that port and how this affect the conecctivity?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-05-2008 12:58 PM
03-05-2008 12:58 PM
Re: how do I disable the services that are listening in certain tcp ports
The upshot is that you cannot use /etc/services to enable/disable services - that has to be done via other mechanisms. On HP-UX, that is often by editing files in /etc/rc.config.d/ but may be elsewhere depending on the service.