You are not logged in.

#1 2004-12-16 14:09:01

Insight_45
Member
Registered: 2004-12-13
Posts: 40

Port 631 opened [solved]

Hello, I am relatively new to Linux, I used Mandrake before. I reinstalled my machine recently (M$ and Linux) and chose Arch instead of Mdk. I had a hard time to make the machine work but it does now. Some configuration is still to do (video card, digital camera,...).

I am not sure how I can explain or what I need to write. I use this site:
https://www.grc.com/x/ne.dll?bh0bkyd2 and click "All Service Ports"
to check if my machine is safe for the Internet.  It shows a lot of closed ports. I think this is OK. But for port 631 (IPP) is shows open. I have Cups to run my HP 952C printer.

Should I be afraid of this port. Can I close it but still print with my local printer. I did a search here but I have not found an answer.

What info would someone need to tell me if my machine is OK or do I need to configure something.

Offline

#2 2004-12-16 15:36:23

Insight_45
Member
Registered: 2004-12-13
Posts: 40

Re: Port 631 opened [solved]

I think I found out about closing the port 631. In /etc/cups/cupsd.conf I replaced the line with "listen" from Listen *:631 to Listen my_machine_name:631and restarted

Checking back on the port scan result, it shows the port to be closed. I hope this is correct and if so, it could help others.

Offline

#3 2004-12-16 15:37:37

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: Port 631 opened [solved]

Is your machine connected to a router or directly connected to a cable/dsl modem?

Basically what you need is a firewall... with a proper firewall, you can open whatever ports you want and they're open to everything behind your firewall (local network) but not to things on the other side (the internet)...

Offline

#4 2004-12-16 15:45:27

Insight_45
Member
Registered: 2004-12-13
Posts: 40

Re: Port 631 opened [solved]

I am connected directly through an ADSL modem. I do not have a firewall. Is there a package that can do that with Arch (like on Window$ there is Symantec Internet Security). Or are you writing about a physical device. Thanks for your help.

ADDITION: I found out KMyFirewall. Is there a way to Not reply to Ping. I checked with the link I wrote above and they only tell me that I reply to ping calls. It is a very Big improvement. I am already happy with this.

Offline

#5 2004-12-16 16:22:51

i3839
Member
Registered: 2004-02-04
Posts: 1,185

Re: Port 631 opened [solved]

The de facto firewall in Linux is iptables, though you'd probably want a graphical front-end for it (like KMyFirewall).

Offline

#6 2004-12-16 18:16:10

murkus
Member
From: Europe/Helsinki
Registered: 2004-03-19
Posts: 254

Re: Port 631 opened [solved]

i3839 wrote:

The de facto firewall in Linux is iptables, though you'd probably want a graphical front-end for it (like KMyFirewall).

I heartily recommend firestarter.  ICMP can easily filtered by:
edit -> preferences -> ICMP Filtering -> enable ICMP filtering

.murkus

Offline

#7 2004-12-16 19:29:40

Insight_45
Member
Registered: 2004-12-13
Posts: 40

Re: Port 631 opened [solved]

Thanks to you guys.

I checked/installed this FireStarter, tried it and was not starting automatically. Found some info on how to create a file to have an auto start, was going to create it when I saw it already exist in /etc/rc.d under "firestarter". Added it to the rc.conf daemon list and Ta Da:
My machine reads as `achieved a perfect "TruStealth" rating` on the site.

So again thanks to you!

Offline

Board footer

Powered by FluxBB