Re: Weird Port Open


Subject: Re: Weird Port Open
christopher.murtagh@wcg.mcgill.ca
Date: Wed Apr 25 2001 - 10:02:32 MDT


On Wed, 25 Apr 2001, Patrick J. Larkin wrote:
>OK, when I type 'telnet myhost 1024' I get:
>
>Lockd: connect from unprivileged port: 204.xxx.xxx.xxx:1032<4>lockd: accept
>failed (err 11)!

 Ok, looks like you have some RPC services running. You probably don't
want them. Have a look in

/etc/rc.d/init.d/

 You probably have things like: rstatd, rwalld, rusersd, rwhod, rfoo, rbar
etc. etc. Chances are you don't want any of them. Unless you are running a
network file system, you probably don't want nfs or nfslock either. So,
what you should to is kill all the processes they spawn, and remove them
from this directory.

 You can do this by either doing something like the following:

/etc/rc.d/init.d/rwalld stop

 for all of them (this might or might not work). Or simply remove them and
reboot.

 If you do 'netstat -ap | grep 1024' and find out what process is
listening on port 24 you can then kill it as well by sending it a TERM
signal ('kill -TERM 666' where 666 is the process ID number).

Hope this helps.

Cheers,

Chris

-- 

Christopher Murtagh Webmaster / Web Communications Group McGill University Montreal, Quebec Canada



This archive was generated by hypermail 2a24 : Wed Apr 25 2001 - 10:04:52 MDT