How do I Close these ports?

error

Registered
I have these ports open:
  • 111
  • 760
  • 763

I ran the command lsof -i:111 and it returned:

lsof: WARNING: compiled for Darwin release 1.0; this is 1.3.3.

Then I ran the same command for port 760 and got:

[localhost:~] error% lsof -i:760
lsof: WARNING: compiled for Darwin release 1.0; this is 1.3.3.
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
loginwind 2060 error 13u inet 0x023da334 0t0 TCP localhost.callatg.com:969->localhost.callatg.com:krbupdate (ESTABLISHED)

When running "lsof -i:763" I get the same error as I do for port 111.

I dont understand why I am listening on port 760 so I killed it with the command: kill -9 2060

It simply dumped me back to the login window.
Much faster then logging out :D

However I want to close those ports.

My current project is to set up ssh, ftp and apache securly and I have done it for the most part but I have these other open ports.

I dont understand why any ports would be open at all on a default instal of OS X client.

I just installed the developer tools if that helps any (but these were open already).

Can anyone help me?

Thanks :)
 
I don't know for what processes, but these ports seem to be open and used by the system, but you should be able to protect yourself from abuse using the built-in firewall. You can just turn off access to those ports from any source other than Loopback.

Check out Brickhouse or Firewalk X, but I think the command would look something like this:
Code:
% <b>sudo ipfw add 100 allow ip from any to any via lo0</b>
% <b>sudo ipfw add 110 deny ip from any to 111</b>
% <b>sudo ipfw add 120 deny ip from any to 760</b>
% <b>sudo ipfw add 130 deny ip from any to 763</b>
Firewall pros, did I make any mistakes here?

This will reset when you reboot, so you'd have to add a StartupItems script to call this again. Or use Brickhouse or Firewalk X.

-Rob
 
Back
Top