Solved

How do I close port 37?

Posted on 2006-10-20
Last Modified: 2013-12-05
Hi.
My Linux (Slackware) is listening on TCP/UDP port 37. How can I stop this time service?
Is there some security problem, or does something depend on it?
Sorry for my English.
Question by:edgardvieira
LVL 7

Expert Comment

by:Chatable
ID: 17777268
I found this website: http://www.auditmypc.com/port/udp-port-37.asp
This website states that port 37 is used for:
"Time. Provides remote timing stat's of internal processing events. Security Concerns: Gives remote attacker info on host's internal processing load. Can identify critical processing times, plus output can be looped to echo port (7) and create a DOS threat to the subnet. Disable this port on all hosts."
Well, I don't agree that this is a major security concern; however, it still might be a good idea to close it.

Okay, since I don't have Slackware, I will relate to the general task of closing an unneeded open port.
First you determine which application is bound to this port. Run this: netstat --inet -anp
This will dump a list of all open ports along with the PID of their associated process. Then, once you have the PID, you can determine which program it is by running: ps -ef
Once you've found the program, simply stop it and remove it from your /etc/rc#.d folder so it doesn't execute on startup.
An alternative approach is to simply use the Linux built-in firewall (iptables) to block access to unnecessary ports.
You may check this page for an iptables guide: http://iptables-tutorial.frozentux.net/iptables-tutorial.html
0
 
LVL 34

Accepted Solution

by:
Duncan Roe earned 500 total points
ID: 17778170
I find lsof easier to use than netstat:

10:36:02# lsof -i :time
COMMAND PID USER   FD   TYPE DEVICE SIZE NODE NAME
inetd   566 root    4u  IPv4    654       TCP *:time (LISTEN)
inetd   566 root    5u  IPv4    655       UDP *:time

On my (Slackware) system, inetd is accepting time calls (along with a lot of other ports, but I asked lsof to only show the time port ("man lsof" for an explanation)).

If you don't want the time service to be enabled, edit /etc/inetd.conf to comment out these 2 lines:

time    stream  tcp     nowait  root    internal
time    dgram   udp     wait    root    internal

These lines correspond exactly to the 2 entries that lsof showed earlier.
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 17778180
After changing /etc/inetd.conf, send SIGHUP to the inetd process to have the changes take effect:

killall -HUP inetd
0
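
The inetd.conf edit described in the two posts above, as an added example that is not part of the original thread: it comments out only the entries whose service field is exactly "time" and keeps a backup. The function names and the sample file are constructed for illustration, and the demo works on a temporary copy rather than /etc/inetd.conf.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Count active (uncommented) inetd.conf entries whose first field is SERVICE.
# Exact field match, so "time" does not also match "daytime".
inetd_count_active() {      # usage: inetd_count_active SERVICE CONF
    awk -v svc="$1" '$1 == svc { n++ } END { print n + 0 }' "$2"
}

# Comment out every active SERVICE entry in CONF. The original is kept as
# CONF.bak. Does nothing (and keeps the old backup) if already disabled.
inetd_disable_service() {   # usage: inetd_disable_service SERVICE CONF
    svc=$1; conf=$2
    [ "$(inetd_count_active "$svc" "$conf")" -gt 0 ] || return 0
    tmp=$(mktemp) || return 1
    cp -p "$conf" "$conf.bak" || return 1
    awk -v svc="$svc" '$1 == svc { print "#" $0; next } { print }' \
        "$conf" > "$tmp" || return 1
    # Write back in place so owner and mode of CONF are unchanged.
    cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Constructed sample file, in the format of the lines quoted in the answer.
make_sample_conf() {        # usage: make_sample_conf PATH
    cat > "$1" <<'EOF'
# constructed sample inetd.conf
echo    stream  tcp     nowait  root    internal
daytime stream  tcp     nowait  root    internal
time    stream  tcp     nowait  root    internal
time    dgram   udp     wait    root    internal
EOF
}

# Demo on a temporary copy; nothing under /etc is touched.
demo_conf=$(mktemp)
make_sample_conf "$demo_conf"
echo "active time entries before: $(inetd_count_active time "$demo_conf")"
inetd_disable_service time "$demo_conf"
echo "active time entries after:  $(inetd_count_active time "$demo_conf")"
grep -n 'time' "$demo_conf"
rm -f "$demo_conf" "$demo_conf.bak"
# On the real file, run as root against /etc/inetd.conf, then
# "killall -HUP inetd" and re-check with "lsof -i :time".
```

Running the function a second time leaves the file unchanged, so it can be used in a provisioning script without stacking extra "#" characters.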
 
LVL 7

Expert Comment

by:Chatable
ID: 17779624
Omg, you're right, I forgot to relate to inetd... killing inetd isn't a good idea.
If inetd is indeed the process that listens on port 37, you should definitely do what duncan_roe has suggested.
0
 

Author Comment

by:edgardvieira
ID: 17794827
Sorry for my delay.
Thanks.
0
