# How do I Close these ports?



## error (Jun 19, 2001)

I have these ports open:

111
760
763

I ran the command lsof -i:111 and it returned:

*lsof: WARNING: compiled for Darwin release 1.0; this is 1.3.3.*

Then I ran the same command for port 760 and got:

*[localhost:~] error% lsof -i:760
lsof: WARNING: compiled for Darwin release 1.0; this is 1.3.3.
COMMAND    PID  USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
loginwind 2060 error   13u  inet 0x023da334      0t0  TCP localhost.callatg.com:969->localhost.callatg.com:krbupdate (ESTABLISHED)

When running "lsof -i:763" I get the same error as I do for port 111.

I dont understand why I am listening on port 760 so I killed it with the command: kill -9 2060

It simply dumped me back to the login window.
Much faster then logging out  

However I want to close those ports.

My current project is to set up ssh, ftp and apache securly and I have done it for the most part but I have these other open ports.

I dont understand why any ports would be open at all on a default instal of OS X client.

I just installed the developer tools if that helps any (but these were open already).

Can anyone help me?

Thanks *


----------



## rharder (Jun 20, 2001)

I don't know for what processes, but these ports seem to be open and used by the system, but you should be able to protect yourself from abuse using the built-in firewall. You can just turn off access to those ports from any source other than Loopback.

Check out Brickhouse or Firewalk X, but I think the command would look something like this:
	
	



```
% <b>sudo ipfw add 100 allow ip from any to any via lo0</b>
% <b>sudo ipfw add 110 deny ip from any to 111</b>
% <b>sudo ipfw add 120 deny ip from any to 760</b>
% <b>sudo ipfw add 130 deny ip from any to 763</b>
```
Firewall pros, did I make any mistakes here?

This will reset when you reboot, so you'd have to add a StartupItems script to call this again. Or use Brickhouse or Firewalk X.

-Rob


----------

