Port 631 opened [solved]

Insight_45 · 2004-12-16 14:09:01

Hello, I am relatively new to Linux, I used Mandrake before. I reinstalled my machine recently (M$ and Linux) and chose Arch instead of Mdk. I had a hard time to make the machine work but it does now. Some configuration is still to do (video card, digital camera,...).

I am not sure how I can explain or what I need to write. I use this site:
https://www.grc.com/x/ne.dll?bh0bkyd2 and click "All Service Ports"
to check if my machine is safe for the Internet. It shows a lot of closed ports. I think this is OK. But for port 631 (IPP) is shows open. I have Cups to run my HP 952C printer.

Should I be afraid of this port. Can I close it but still print with my local printer. I did a search here but I have not found an answer.

What info would someone need to tell me if my machine is OK or do I need to configure something.

Insight_45 · 2004-12-16 15:36:23

I think I found out about closing the port 631. In /etc/cups/cupsd.conf I replaced the line with "listen" from Listen *:631 to Listen my_machine_name:631and restarted

Checking back on the port scan result, it shows the port to be closed. I hope this is correct and if so, it could help others.

phrakture · 2004-12-16 15:37:37

Is your machine connected to a router or directly connected to a cable/dsl modem?

Basically what you need is a firewall... with a proper firewall, you can open whatever ports you want and they're open to everything behind your firewall (local network) but not to things on the other side (the internet)...

Insight_45 · 2004-12-16 15:45:27

I am connected directly through an ADSL modem. I do not have a firewall. Is there a package that can do that with Arch (like on Window$ there is Symantec Internet Security). Or are you writing about a physical device. Thanks for your help.

ADDITION: I found out KMyFirewall. Is there a way to Not reply to Ping. I checked with the link I wrote above and they only tell me that I reply to ping calls. It is a very Big improvement. I am already happy with this.

i3839 · 2004-12-16 16:22:51

The de facto firewall in Linux is iptables, though you'd probably want a graphical front-end for it (like KMyFirewall).

murkus · 2004-12-16 18:16:10

i3839 wrote:

The de facto firewall in Linux is iptables, though you'd probably want a graphical front-end for it (like KMyFirewall).

I heartily recommend firestarter. ICMP can easily filtered by:
edit -> preferences -> ICMP Filtering -> enable ICMP filtering

.murkus

Insight_45 · 2004-12-16 19:29:40

Thanks to you guys.

I checked/installed this FireStarter, tried it and was not starting automatically. Found some info on how to create a file to have an auto start, was going to create it when I saw it already exist in /etc/rc.d under "firestarter". Added it to the rc.conf daemon list and Ta Da:
My machine reads as `achieved a perfect "TruStealth" rating` on the site.

So again thanks to you!

Arch Linux

#1 2004-12-16 14:09:01

Port 631 opened [solved]

#2 2004-12-16 15:36:23

Re: Port 631 opened [solved]

#3 2004-12-16 15:37:37

Re: Port 631 opened [solved]

#4 2004-12-16 15:45:27

Re: Port 631 opened [solved]

#5 2004-12-16 16:22:51

Re: Port 631 opened [solved]

#6 2004-12-16 18:16:10

Re: Port 631 opened [solved]

#7 2004-12-16 19:29:40

Re: Port 631 opened [solved]

Board footer