|
为了让linux主机少一些隐患,我们要尽可能把一些不需要的服务取消或者删掉。 我们可以先来看看目前有哪些端口是开着的 [root@localhost linsc]# nmap 127.0.0.1 Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-05 21:28 CST Interesting ports on localhost.localdomain (127.0.0.1): (The 1652 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 80/tcp open http 766/tcp open unknown 3306/tcp open mysql 8009/tcp open ajp13 8080/tcp open http-proxy Nmap run completed -- 1 IP address (1 host up) scanned in 0.194 seconds 可以看到 766 端口是打开着的,一个 unknown 的服务正在运行,这是什么服务?这个时候我也不知道。 [root@localhost linsc]# netstat -lp 可以看到有下面一条内容, tcp 0 0 *:766 *:* LISTEN 3128/rpc.statd 说明是 rpc.statd 正在运行。 就看766是什么命令执行的监听端口的另外一个办法 [root@localhost linsc]# lsof -i:766 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME rpc.statd 3128 rpcuser 8u IPv4 6467 TCP *:766 (LISTEN) 查看rpc.statd这个命令是那个安装包的文档 [root@localhost linsc]# rpm -qf /sbin/rpc.statd nfs-utils-1.0.6-80.EL4 查看nfs开头有那些东东 [root@localhost linsc]# ls /etc/init.d/nfs* /etc/init.d/nfs /etc/init.d/nfslock 查看nfslock状态 [root@localhost linsc]# /etc/init.d/nfslock status rpc.statd (pid 3128) 正在运行... [root@localhost linsc]# vi /etc/services 找到里面的 nfs ,在前面加 # 注释掉,重启, [root@localhost linsc]# nmap 127.0.0.1 Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-05 21:55 CST Interesting ports on localhost.localdomain (127.0.0.1): (The 1653 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 80/tcp open http 3306/tcp open mysql 8009/tcp open ajp13 8080/tcp open http-proxy Nmap run completed -- 1 IP address (1 host up) scanned in 0.194 seconds (责任编辑:IT) |