How to close FTP, SSH, Telnet ports on OS 10.6.2?
SheildsUP! at https://www.grc.com/x/ne.dll?bh0bkyd2 tells me that I have ports 21, 22, and 23 open. The application firewall on my iMac allows "signed software to receive incoming connections" and "stealth mode" is checked. The option "Block all incoming connections" is not checked.
I recognize that an application firewall does not work by blocking ports. But I wonder if somehow I should try and block them by some other means? Or do I even need to be concerned about it?
Any suggestions? Thanks.
Seems Apple is making things more difficult with every OS update. Back in the day you used to be able to organize your applications instead of having them all in one folder. You used to have a lot more freedom. More and more it is just easier to use a third party app. So I'm gonna install Thunderbird until Apple comes up with an easy way to fix the mail app. it seems that eveything in help says you just gotta reinstall the system from scratch. I would rather just use an open source product that I can put into any forlder I want without having to worry about it screwing itself up. Had similar experience with Safari now it seems like it is time to get rid of Mail.
Similar Messages
-
How to close my listening printer port?
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
515/tcp open printer
But I don't want it open.brain0 wrote:Where is that information from? It looks like nmap, and nmap isn't very accurate when it comes to identifying remote services (it just parses /etc/services). There is no printer-related tool in Arch (that I know of) that listens on 515. Use netstat to find out what program is listening.
I think lpd listens on 515 (just like CUPS listens on 631), but I may be mistaken. lpd is part of lprng package. Fluke, do you remember installing this and adding it to the list of running daemons in /etc/rc.conf it seems like it would've been done explicitly? If you're not using lprng, I suppose you can remove the package and/or stop the dameon (/etc/rc.d/lpd) from running. -
How to close SIP and H323 port
I have cisco 2801 with IOS (C2801-SPSERVICESK9-M), Version 12.4(5a). I found that my router open TCP port 5060 (SIP) and TCP port 1720. How can I disable this port? I've tried to disable on "voice service voip" but not working. Do you have any suggestion
Hi,
This has been identified as a Bug in CSCsb25337, and was fixed in the following versions..
12.4(7.12), 12.4(7.11)T, 12.4(03d), 12.4(7.14)T, 12.4(07a), 12.4(05b), 12.4(6)T01, 12.4(4)T03, 12.4(2)T05, 12.3(14)YX02, 12.4(2)XB02, 12.4(4)XD02, 12.3(14)YM08
Workaround:
H323 can be disabled by issuing these commands from Config mode:
voice service voip
h323
call service stop
SIP can be disabled by issuing these commands:
sip-ua
no transport udp
no transport tcp
Voice service voip
sip
Call service stop
HTH
Regards
Kevin -
Ssh, telnet, ftp & tftp services stop working
I have a new SunV245 running Solaris 9 that when I start the server up everything works good, but after 8-12 hours the network type services quit working (ssh, telnet, ftp, & tftp) however I can still ping the interfaces so the network is there. I reboot and everything starts working again. Has anyone seen this before? Is there some kind of power save option that could be shutting the inetd type services down?
Cat and Maximo,
> Let me try to get that straight. Your BM does static NAT for your
> mailserver (and other boxes), and suddenly UDP and ICMP from these
> natted servers through the BM still works, but TCP doesn't?
Yes. That's what it looks like.
> Can you still do TCP *to* the BM from the natted devices when that
> happens? As you say your proxy continues to work, it sounds as if TCP in
> general on the server continues to work, but does it also work from the
> mailserver?
Everyone browsing via BM proxy continues with no interuption.
The mail server can telnet to any other server on the internal LAN but
nothing past BM. DNS continues working for the mail server too.
> If really nothing changed, this might be a (succesful) DOS attack of
> some sort. I wonder if a LAN trace could reveal anything of interest.
Do you mean port scan the BM server?
I know that "nothing has changed" is a loaded statement. The only thing
(that I know of) that has changed relatively recently is the addition of
the Squid server. It has been running behind the BM server for about 3
weeks. Recently I added a filter exception allowing the Squid server to
access higher ports (dyn/tcp).
But, as I noted before, I think removing ipflt should eliminate any
doubts there. Is there some way Squid could be corrupting something there?
The problem was compounded this morning (saturday). I came in today so I
would have the network essentially to myself. But, to my surprise,
everything was ok.
Cat, You're right. This server is no spring chicken. It is an IBM
Netfinity 3000. Its probably 3 or 4 years old (maybe more). I will think
about this as a hardware problem but I just wish the thing would die
altogether and get it over with. :o)
Thanks,
Brian -
How to close port 32773 in solaris 9
Hi
Need your kindly assistance to close port on solaris 9.
Have done the rpcinof -p but can't found the port 32773 showing.According to my research, 32773 port is for rpc services.
root@mcisdev # rpcinfo -p
program vers proto port service
100000 4 tcp 111 rpcbind
100000 3 tcp 111 rpcbind
100000 2 tcp 111 rpcbind
100000 4 udp 111 rpcbind
100000 3 udp 111 rpcbind
100000 2 udp 111 rpcbind
100232 10 udp 32779 sadmind
100229 1 tcp 32775 metad
100229 2 tcp 32775 metad
100230 1 tcp 32776 metamhd
100422 1 tcp 32777
100068 2 udp 32780
100068 3 udp 32780
100068 4 udp 32780
100068 5 udp 32780
100011 1 udp 32781 rquotad
100001 2 udp 32782 rstatd
100001 3 udp 32782 rstatd
100001 4 udp 32782 rstatd
100002 2 udp 32783 rusersd
100002 3 udp 32783 rusersd
100002 2 tcp 32778 rusersd
100002 3 tcp 32778 rusersd
100008 1 udp 32784 walld
100012 1 udp 32785 sprayd
100024 1 udp 32786 status
100024 1 tcp 32779 status
100133 1 udp 32786
100133 1 tcp 32779
100021 1 udp 4045 nlockmgr
100021 2 udp 4045 nlockmgr
100021 3 udp 4045 nlockmgr
100021 4 udp 4045 nlockmgr
1289637086 5 tcp 32799
1289637086 1 tcp 32799
300598 1 udp 32813
300598 1 tcp 32827
805306368 1 udp 32813
805306368 1 tcp 32827
100249 1 udp 32814
100249 1 tcp 32828
Have done netstat -a | grep 32773
root@mcisdev # netstat -a | grep -i 32773
*.32773 Idle
*.32773 *.* 0 0 49152 0 LISTEN
Since we don't know the port is tie to which program or services thus we cant comment out anything in /etc/inetd.conf.
Have do more /etc/services and the port not showing inside this file as well.
Kindly assist on how to close the port for tcp 32773.
Your assistance is highly appreciate.
Thanks
Regards
Chew Chen LaiI am pretty sure rpc is a standalone daemon, and not managed by inetd. Instead check /etc/init.d/ and /etc/rc*** scripts.
There may be some services that require rpc- nfs probably requires it (NFS v4 with kerberos authentication might not.) The idmap daemon used by nfs may also require this (not sure of the exact daemon name..) -
How to close the COM Port ??????????
Dear all :
I have written an application that send AT commands to a modem , Once I opened a com port , i don't know how to close it . I got the null pointer exception when i create a new channel , because the inputStream and outputStream is owned by the previous channel . So , some one can teach me how to close the com port that opened before ?
my source code for open port :
public void Connect_Com(CommPortIdentifier portId) {
Integer i = new Integer((int) (Math.random()* 1000));
String channel = "channel" + i.toString();
System.out.println(channel);
try {
System.out.println("preparing to open port");
serialPort = (SerialPort) portId.open(channel, 2000);
} catch (PortInUseException e) {}
try {
inputStream = serialPort.getInputStream();
System.out.println("getting inputStream");
} catch (IOException e) {}
try {
serialPort.addEventListener(this);
} catch (TooManyListenersException e) {}
serialPort.notifyOnDataAvailable(true);
try {
serialPort.setSerialPortParams(9600,
SerialPort.DATABITS_8,
SerialPort.STOPBITS_1,
SerialPort.PARITY_NONE);
} catch (UnsupportedCommOperationException e) {}serialPort.close() ?
From the documentation of SerialPort:
- SerialPort extends CommPort.
- CommPort.close() closes the communications port. -
So finally that my e4200 is capable of disabling wps i run in to another question.
how to close ports 139 445 ?
these are open by default and i didnt figure out how to close them, in browser setup..
and YES port 139 IS a security issue. people denying this, are the same, that denied any vulnearibilties to wps.Well, in the router set up we can only open the port for any specific application. But there is no way in the router management page where we can close any specific ports for specific purpose.
-
Open ports slow down my internet connection. How to close them? What to do?
My MacBook Pro has massive problems with internet connectivity. At times the connection is blazingly fast, at times unbelievably slow.
I've spoken to my internet provider who was able to inform me that my computer opens up 500-700 ports which is probably what's slowing down the network connectivity. When I'm online with the MacBook Pro, the web gets unstable – also for other connected devices like iPad etc.
The web supporter asked me to run an anti-virus scan which I did – with no results. The problem persists. When my MacBook Pro is not online, there are approximately 15 ports open, when I log on the web that number increases to between 500 and 700.
Is this normal?
Can anyone tell me how to solve this issue?
How do I figure out which application opens these ports? (and how to close them?)
I tried logging into another user account on the computer and the problem seemed to disappear, indicating that it is caused by something run only on my user account.
Hope someone can help me..Open ports don't slow down your computer. The tech support person you spoke to doesn't know what they are talking about.
Basically, when you are using a web browser, opening a page means that the browser needs to open a connection for each element in the page (e.g., it needs to grab each picture, CSS, and JavaScript file that the page requires). This could be a couple of dozen, or it could be hundreds (and there's no telling what Flash content on the page will do). The browser tries to mitigate things a bit using a cache (you might check to make sure the cache is turned on, but this is the default setting). However, this is how all browsers work and how the whole system is designed to operate. You cannot "close" any ports, and they don't linger open, they remain open only as long as data is being transferred. This is expected and appropriate behavior.
The most likely culprit is that you are receiving poor DNS service from your service provider. Every time the computer sees an address like 'http://www.google.com', it needs to send out a request to figure out what numerical address goes with the human-readable name. If the DNS service your system is assigned to use doesn't respond lightning-quick, your experience is going to be very sluggish.
You might want to add an external DNS service to your list of DNS providers. Go to System Preferences > Network, select the network you are using on the left (Ethernet or AirPort), and click the 'Advanced' button. Click on the 'DNS' tab, then press the '+' button under the left panel. I would add the OpenDNS.com DNS servers. Add the following DNS addresses:
{quote}
208.67.222.222
208.67.220.220
{quote}
Click the 'OK' button. And then the 'Apply' button to save the changes.
That will probably fix the problem. If it doesn't the next most likely issue is either network congestion (e.g., your ISP's network is just too busy; a very common thing for small ISPs and cable Internet service), or the remote site that you are trying to contact is simply not performing so well. -
How can i us the parallel port of the printer to control a frequenz-generator?
Hello all !
I like to control with LabVIEW 8 student-version, the Frequenz-generator gadget . For this challenge i like to us the parallel port of the printer. I need for data flow only 2 cable. The frequenz-generator gadget need two signal : Low and High.How can i us the parallel port of the printer to control a frequenz-generator gadget? I have us the VIs-Visa (Visa-Serial, write, Close ), but i dont no what command i have to write on the Visa-Write so that the Signal can be in the low or high position.
ThanksHi Jeanjac,
first, look here:
http://en.wikipedia.org/wiki/Parallel_port
to get the port numbering. also, be sure not to leave pin unconected, sometimes you might get an error message otherwise (i remember pin11 has to be always connected or so for windows...)
second, just run the test panel in MAX and write something to your device to check if it works.
then in LV, you have to decide to which pin is connected your instrument. in any case you have to address all 8 output pins together! this is a parallel...
if you prefere to use only one pin, then you can use the serial port, with just pin 2 and 3 connected. it would work easier for you, since you address only one bit.
Gabriel
... And here's where I keep assorted lengths of wires... -
How to close FPGA reference out from different while loop
Hi Friends,
I`ve different while loop which performs the FPGA read port on different loops I`ve the FPGA out on every terminal at the end of the while loop. I`ve just connected the merge error function in which all the error out of the FPGA are combined and given to simple error handler. How to close the FPGA Reference.Can you attach your VI? I'm not clear on what you mean. Are you saying that you are using the FPGA reference which is passed into multiple loops, and then continuing the reference wire to pass the ref out of each of the multiple loops?
If that is the case, I don't believe you can't merge references like you can error clusters. You will just need to wire one of the reference to the close FPGA VI. Additionally though, I'd recommend that you use your error clusters in some manner to ensure data flow so that all the other loops stop first, and you are sure you are closing the reference after all the other loops are done with the ref. -
IOS Zone firewall (ZFW) & changing SSH listening port
I'll have to check into the deetails again but I recall there being a way to change the listening port for SSH. Not only do you have to configure SSH itself to listen on a new port but I think there was something about making the inbound interface part of a rotary group or something.
Anyway, my question is more about how the zone firewall reacts to this. If I have inspect set for SSH, (or pass) and yet change the default port for it, does the IOS still know to take the configured action on the protocol? I'll try to test this myself once I have an opportunity but may not be able to for several days, plus if anybody has anything further to add regarding any other implications this port change mgiht have, please share
Thanks!Hi Julio,
You are ever helpful sir Howver, things are not making sense.
Ok so to take it from the top. So far I have done the following:
Router(config)#ip ssh port 2340 rotary 1
Then:
Router(config)#line vty 0 123 (123 = max # of vty lines, my actual # is different)
Router(config-line)#rotary 1
This of course does not make SSH on port 2340 work from the Internet zone to Self as I have not yet modified the firewall nor done the ip port-map command. It does work from the LAN side to Self since that zone-pair is more forgiving, however, it works on both 22 and 2340 which I thought odd since I thought the ip ssh command changes the SSH server listening port.
I have not yet permanently set the ip port-map command. However I ran it once and then did a sh ip port-map ssh
This showed system defined ssh port maps for tcp and udp on 22, and then my user defined one for tcp port 2340. Interesting that the system-defined ones are both UDP and TCP - I thought SSH was TCP only.
According to the IOS command referendces (for release 15.2), I should not be able to remove the system-defined port map entries as it would give an error. However, I did no ip port-map ssh port tcp 22 and the same for the UDP entry and they disappeared - so now for sh ip port-map ssh I get no results returned. Yet, SSH still works on 22 and 2340.
Be that as it may, after some further testing I've concluded that with or without use of the ip port-map ssh port tcp 2340 entry, SSH works (from LAN to Self) on either port 22 or 2340. It seems ip port-map has no effect on the SSH server itself (?). Or perhaps PAM is overridden by the ip ssh commands?
So at that point I decided to stop testing, not doing anything with firewall yet, until I understand things better. So far, the IOS is very confusing in it's behavior.
Changing the SSH server's listening port via ip ssh command to something other than 22 seems to not actually change anything, it just adds that port in addition to 22.
Port-application mapping appears to have no effect on the SSH server (I have not tested whether ip ssh overrides PAM or vice versa)
So far there seems to be no way to actually change port 22 usage - even "deleting" the PAM entry for ssh via 22 has no effect.
Confusing! -
How to close Mobile Mouse Server?
I was doing an update on the App Mobile Mouse Server and when it weas ready to install it indicated I needed to close the App before it could install the update. The app is not in the dock and I don't know how to close it. Help Please!!!
Hi,
In the field for local server you just type in the local dns name for your calendar server, mail server etc... Also select which port you want publish externally and the the correct port your service is actually using on your lan (Selected under advanced tab). Make sure your mobile access server can resolv your hostnames correctly. It should point to an local ip. If an nslookup shows your public ip, you have to correct your local dns server (This is often called split dns configuration.)
To access this from outside your LAN you have setup NAT and permit the port you have configure your mobile access server to be the incomming port. How exactly you do that on the airport I am not sure, but I am sure it is explained in the user manual for the airport.
I found this video about the mobile access server on youtube: http://www.youtube.com/watch?v=_VRgl2bncZU
Hope this helps.
Bernt -
How to read from 4 serial ports
Hi
Does anyone know how to read from 4 COM ports with only 2 interupts? I can
manage it by using Close serial driver.vi, however this makes the amount of
allocated memory by Labview increase throughout my experiment and thereby
slows down the computer. I use Labview 4.0.1 on Win95.
Regards
Frede LeiHi,
Thanks for the reply however I could able to write the PCR to read one variable without wagetype. My question is, I have 6 variables in VAR table and now I want to read all the variable and based on the variable I need to create the 6 wagetype each for each variable.
I know to create the wagetype with one variable.
ZSSB CCE : restore 7SSB wage types paid separately in RT
AMT=& VSSB Set
AMT?0 Comparison
ADDWTI7SSB IT Input table
=
However, how I could create the only 1 PCR for 6 variable?
regards,
Saurabh Garg -
How to close connection to GraphicsEnvironment / x-server
Hello all.
I have a long-running terminal-application which has a command to bring up a (swing) gui to monitor current execution state. The gui can be closed but the application will keep running.
This application is running on a remote server, and I am running it from my local machine through ssh. (All of this is happening on Linux)
Now, in order to be able to close the ssh connection without having to exit the running application I am using a software called screen that allows me to detach the process from the terminal. I can then logout from the ssh session without killing the process. Unfortunately this only works until opening the GUI, because once I did that the ssh connection cannot be closed anymore without exiting the application.
Note that even closing the GUI (i.e. calling dispose on the JFrame that carries it) does not help. After some trying around I found that as soon as I instantiate any gui components - without even showing them at all - the problem occurs. E.g. the code below reproduces the problem.
import javax.swing.*;
public class Main
public static void main(String[] args)
new JPanel(); // commenting this out stops the issue from reproducing.
while(true)
// This is where the application is still doing stuff. I have closed the gui, and want to log off now.
Thread.yield();
}I discussed this on LinuxQuestions.org and you can find the link to the thread below. It also contains additional background information on my question.
http://www.linuxquestions.org/questions/showthread.php?p=4894628#post4894628
Based on this discussion my current assumption is that as soon as any swing components are instantiated the class sun.awt.X11GraphicsEnvironment comes in and starts to make a connection to the X-Window server. The main reason why I believe that it's that particular class is that I am getting the following exception when I try to run the above code without enabling x11 fowarding in the ssh connection.
Exception in thread "main" java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11GraphicsEnvironment
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:186)
at java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment(GraphicsEnvironment.java:82)
at sun.awt.X11.XToolkit.<clinit>(XToolkit.java:112)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:186)
at java.awt.Toolkit$2.run(Toolkit.java:849)
at java.security.AccessController.doPrivileged(Native Method)
at java.awt.Toolkit.getDefaultToolkit(Toolkit.java:841)
at sun.swing.SwingUtilities2$AATextInfo.getAATextInfo(SwingUtilities2.java:121)
at javax.swing.plaf.metal.MetalLookAndFeel.initComponentDefaults(MetalLookAndFeel.java:1564)
at javax.swing.plaf.basic.BasicLookAndFeel.getDefaults(BasicLookAndFeel.java:147)
at javax.swing.plaf.metal.MetalLookAndFeel.getDefaults(MetalLookAndFeel.java:1599)
at javax.swing.UIManager.setLookAndFeel(UIManager.java:530)
at javax.swing.UIManager.setLookAndFeel(UIManager.java:570)
at javax.swing.UIManager.initializeDefaultLAF(UIManager.java:1320)
at javax.swing.UIManager.initialize(UIManager.java:1407)
at javax.swing.UIManager.maybeInitialize(UIManager.java:1395)
at javax.swing.UIManager.getUI(UIManager.java:991)
at javax.swing.JPanel.updateUI(JPanel.java:126)
at javax.swing.JPanel.<init>(JPanel.java:86)
at javax.swing.JPanel.<init>(JPanel.java:109)
at javax.swing.JPanel.<init>(JPanel.java:117)
at Main.main(Main.java:7)This is also why I posted this question in this category, I hope this was appropriate.
I think that in order to be able to close the running ssh connection gracefully (i.e. without killing my application in the process) I have to find a way to close this connection to the X-Window server in the java application.
Could anybody enlighten me how to tell the JVM to cut the connection to the x-server? Or, obviously, let me know if I am on the wrong track :-)
Many thanks in advance either way.you can continue with :
try {
objFolder.open(Folder.READ_WRITE);
} catch (MessagingException me) {
objFolder.open(Folder.READ_ONLY);
Messages[] msgs = objFolder.getMessages();
FetchProfile objFP = new FetchProfile();
objFP.add(FetchProfile.Item.ENVELOPE);
objFP.add(FetchProfile.Item.FLAGS);
objFP.add("X-Mailer");
objFolder.fetch(msg, objFP);
// close down
objFolder.close()
store.close() -
QoS: Locally sourced SSH/Telnet/...
Doing some packet sniffing at the moment. I noticed that SSH/Telnet packets that are returning from Cisco Catalyst 3750 switches and Cisco 2800 routers are being marked with CS6. I was aware about Control Plane protocols that mark traffic with CS6/CS7, like IP Routing Protocols, STP, NHRP and others. Haven't heard anything about SSH/Telnet though. Those belong to Management Plane. Have googled for hours to find any Cisco document with the full list of protocols and how those are being marked (CS6/CS7) if sourced locally. Found nothing.
Anyone to spill the bins?
Much appreciateThanks for your input... Although it haven't made it clear
Here's my config
C3750#sh run all | inc ip.ssh|ip.telnet
ip ssh time-out 120
ip ssh authentication-retries 5
ip ssh break-string ~break
ip ssh dh min size 1024
C3750(config)#ip ssh dscp ?
<0-63> ip dscp value (default value 0 )
Looks odd to me. As I said, Wireshark displays all returning SSH frames (that is, originated on switch) with 802.1p = 6 and DSCP = CS6. The output above states the default value has to be 0, and I don't have any commands that rewrite the default behaviour.
I have QoS enabled on the switch (mls qos) with relevant maps created. I do not have any QoS policies for the locally originated traffic in place (i.e. ip policy globall command).
Strange
Maybe you are looking for
-
Onblur doesn't fire on autosuggest cfinput
Hello, I have a problem with the autosuggest cfinput. I am using Coldfusion 8 and Fusebox 5. Here is the sample of my code. <cfinput name="item_number" maxlength="20" type="text" maxResultsDisplayed="20" autosuggest="cfc:Inventory.model.lookupRoom.lo
-
I used to be able to choose print options with Firefox and now I can't. It forces me to use photo paper when I want only to use plain paper. I do not have this problem with Safari or IE, just firefox. I have an office jet 4500 HP printer
-
We want the accounts to be posted to 5310 and sales org xx70
Hi All In april2008 invoice was created for company code 5610 and sales org xx60 now in Jan 2009 they have seized this company code 5610 and sales org xx60 and started operations on 5310 with sales org xx70 Now for business reasons (self billing) the
-
Does anyone know what's a decent temperature for my HD bay on my 24" iMac? My HD recently crashed (6 month old iMac) and I'm looking at my HD bay temp at it hovers around 106F. I've upped my fan speed but does anyone know if this is in the range of o
-
Spiceworks SQL disks vs disk_partitions vs physical_disks
I am attempting to write a custom SQL query to display all of the disk related information for a client of mine. They have one server that has multiple iSCSI LUNs connected to the server. I would like to show from iSCSI LUN all the way down to Wind