Solved

Stopping All Solaris Services

Posted on 2006-11-04
7
1,274 Views
Last Modified: 2013-12-21
Hello!

I scanned my Solaris Box and I got this results:

PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
23/tcp    open  telnet
25/tcp    open  smtp
79/tcp    open  finger
80/tcp    open  http
111/tcp   open  rpcbind
513/tcp   open  login
514/tcp   open  shell
587/tcp   open  submission
898/tcp   open  sun-manageconsole
4045/tcp  open  lockd
6000/tcp  open  X11
7100/tcp  open  font-service
8888/tcp  open  sun-answerbook
32771/tcp open  sometimes-rpc5
32772/tcp open  sometimes-rpc7
32773/tcp open  sometimes-rpc9
32774/tcp open  sometimes-rpc11
32775/tcp open  sometimes-rpc13
32776/tcp open  sometimes-rpc15
32777/tcp open  sometimes-rpc17
32778/tcp open  sometimes-rpc19
32779/tcp open  sometimes-rpc21
32780/tcp open  sometimes-rpc23
32786/tcp open  sometimes-rpc25
32787/tcp open  sometimes-rpc27


This services are running!

I want to stop all this services except 80..

Please advice...
Thanks from now!
0
Comment
Question by:CSecurity
  • 3
  • 2
  • 2
7 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 17873552
Most can be stopped by editing /etc/inet/inetd.conf

You didn't bother to specify which VERSION of Solaris you have, so getting very specific about what to comment out is difficult.

After editing that file to comment out whatever you don't want. issue a SIGHUP to the inetd daemon and re-scan.
0
 
LVL 17

Author Comment

by:CSecurity
ID: 17873558
I user Solaris 10 and I stop services using svcadm and svcs commands.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 17874046
Hmmm....Sun changed a LOT of system administration tasks in Solaris 10. Editing /etc/inet/inetd.conf may not be the right way to do this in that version.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 48

Expert Comment

by:Tintin
ID: 17874447
Firstly, if you are concerned about securing your system, you should try jass.

http://www.sun.com/software/security/jass/

In Solaris 10, to disable services:

Run

svcs

to see all enabled services, then disable the ones you want.  Eg:

svcadm disable sendmail
svcadm disable rlogin
etc

0
 
LVL 17

Author Comment

by:CSecurity
ID: 17876837
I know... I want svcs and svcadm (as I noticed above)

But I want to know service names of application which listens on ports I specified above
0
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 17877336
21/tcp    open  ftp - svcadm disable ftp
22/tcp    open  ssh - svcadm disable ssh
23/tcp    open  telnet - svcadm disable telnet
25/tcp    open  smtp - svcadm disable smtp
79/tcp    open  finger - svcadm disable finger
111/tcp   open  rpcbind - for i in `svcs -H -o FMRI *rpc*`;do svcadm disable $i;done   # This will disable *all* rpc servcies
513/tcp   open  login - Do you *really* want to disable this?
514/tcp   open  shell - svcadm disable shell
587/tcp   open  submission - # gets disabled when you disable smtp (sendmail)
898/tcp   open  sun-manageconsole - not sure
4045/tcp  open  lockd - for i in `svcs -H -o FMRI *nfs*`; do svcadm disable $i;done # This will disable *all* NFS services
6000/tcp  open  X11 - not sure
7100/tcp  open  font-service - svcadm xfs
8888/tcp  open  sun-answerbook - not sure
0
 
LVL 17

Author Comment

by:CSecurity
ID: 17877338
Thanks
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now