How to close my Mint to the outside?
Posted: Fri Dec 28, 2012 8:42 pm
Hey there.
Since I experimented with OwnCloud, UPnP and the like, at home, I was wondering what services/servers/... are currently running on my machine without my knowledge. Because, maybe somebody could exploit me via them or follow me through the web by looking at my config.
My questions are:
1. How can I shut down permanently what I don't need and avoid starting it by accident (or by ignorance)?
2. What can I do to see what's up in the network permanently (like a this-program-connects-to-that-IP widget)?
3. Maybe there is a resource you can point me at, where I can learn more about this topic. So that I can keep an eye on the network myself.
For your information:
I run an always updated Linux Mint Maya 64 bit and I have DSL-Internet connected by a router (the OpenWRT router connects with PPPoE to the provider). I use XBMC (not permanently) to play music on my Android pad and I use the pad sometimes as a remote for XBMC. Through the week I have to connect regularly to work via VPN, which I do with the network manager (the connection sometimes crashes, they say this is because of too many broken packages when I receive a bunch of data, switching it off and on again helps now and then). Somehow I can connect to phpMyAdmin and the IP of the PC via the LAN (*hurrrr durrr* I don't need this!!). And I want to share folders with the pad, but I couldn't get my mind to it these days, procrastination first.
It's true, much of the security depends on the router settings, but anyway, maybe I can tighten things up. I can't afford to leak any data from the VPN in the internet after I shut it down and vice versa, for example.
At the moment, WINE is running, and Firefox. When I run netstat -l I get this output:
(HÖRT = listen)
Code:
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:mysql *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 localhost:domain *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp 0 0 localhost:13666 *:* LISTEN
tcp6 0 0 [::]:netbios-ssn [::]:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
tcp6 0 0 [::]:microsoft-ds [::]:* LISTEN
udp 0 0 localhost:domain *:*
udp 0 0 192.168.1.25:netbios-ns *:*
udp 0 0 bob.local:netbios-ns *:*
udp 0 0 *:netbios-ns *:*
udp 0 0 192.168.1.2:netbios-dgm *:*
udp 0 0 bob.local:netbios-dgm *:*
udp 0 0 *:netbios-dgm *:*
udp 0 0 *:mdns *:*
udp 0 0 *:50451 *:*
udp6 0 0 [::]:43021 [::]:*
udp6 0 0 [::]:mdns [::]:*
Aktive Sockets in der UNIX-Domäne (Nur Server)
Proto RefCnt Flags Type State I-Node Pfad
unix 2 [ ACC ] STREAM HÖRT 11588 @/tmp/dbus-bIbcc3PcfE
unix 2 [ ACC ] STREAM HÖRT 9162 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM HÖRT 9172 /tmp/.winbindd/pipe
unix 2 [ ACC ] STREAM HÖRT 11450 /tmp/keyring-rpWX2j/control
unix 2 [ ACC ] STREAM HÖRT 10833 /tmp/ssh-XstIrgbK1872/agent.1872
unix 2 [ ACC ] STREAM HÖRT 11596 /tmp/.ICE-unix/1872
unix 2 [ ACC ] STREAM HÖRT 10876 /tmp/keyring-rpWX2j/ssh
unix 2 [ ACC ] STREAM HÖRT 11783 /tmp/keyring-rpWX2j/gpg
unix 2 [ ACC ] STREAM HÖRT 11784 /tmp/keyring-rpWX2j/pkcs11
unix 2 [ ACC ] STREAM HÖRT 8214 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM HÖRT 11595 @/tmp/.ICE-unix/1872
unix 2 [ ACC ] STREAM HÖRT 8998 /var/run/acpid.socket
unix 2 [ ACC ] STREAM HÖRT 7475 @/com/ubuntu/upstart
unix 2 [ ACC ] STREAM HÖRT 10053 /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM HÖRT 6986 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM HÖRT 10321 /var/run/samba/unexpected
unix 2 [ ACC ] STREAM HÖRT 1236177 @/tmp/dbus-8DhcSvsQS6
unix 2 [ ACC ] STREAM HÖRT 8227 @/org/bluez/audio
unix 2 [ ACC ] STREAM HÖRT 9161 @/tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM HÖRT 9613 /var/run/mdm_socket
unix 2 [ ACC ] STREAM HÖRT 1254519 socket
unix 2 [ ACC ] SEQPAKET HÖRT 7581 /run/udev/control
unix 2 [ ACC ] STREAM HÖRT 755128 /var/run/cups/cups.sock
unix 2 [ ACC ] STREAM HÖRT 9173 /var/run/samba/winbindd_privileged/pipe
unix 2 [ ACC ] STREAM HÖRT 7133 /var/run/sdp
tl;dr How can I shut my machine to the outside, while still using the VPN and my XBMC (LAN) media sharing?
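In a listing like the one posted above, the Local Address column shows which listeners are bound to loopback only and which accept connections on every interface. The script below is an added example, not part of the original post: it sorts `netstat -l` rows by that column. The function names and scope labels are made up here, and the sample is constructed from a subset of the posted rows.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `netstat -l` / `netstat -tuln` lines on stdin and prints
# "<scope> <proto> <service>" for every TCP/UDP listener.
classify_listeners() {
  awk '
    # Only inet rows; headers and unix-domain sockets are skipped.
    $1 ~ /^(tcp|udp)6?$/ && match($4, /:[^:]*$/) {
      host = substr($4, 1, RSTART - 1)   # text before the last colon
      svc  = substr($4, RSTART + 1)      # port number or service name
      if (host == "*" || host == "0.0.0.0" || host == "[::]" || host == "::")
        scope = "ALL-INTERFACES"         # reachable on every network interface
      else if (host == "localhost" || host == "ip6-localhost" ||
               host == "::1" || host == "[::1]" || host ~ /^127\./)
        scope = "LOOPBACK"               # local machine only
      else
        scope = "ONE-ADDRESS"            # bound to a single non-loopback address
      print scope, $1, svc
    }'
}

# Unique service names that listen on every interface.
exposed_services() {
  classify_listeners | awk '$1 == "ALL-INTERFACES" { print $3 }' | LC_ALL=C sort -u
}

# Constructed sample: a subset of the rows from the posted output.
SAMPLE='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:mysql *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
tcp6 0 0 [::]:http [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
udp 0 0 192.168.1.25:netbios-ns *:*
udp 0 0 *:mdns *:*
unix 2 [ ACC ] STREAM LISTEN 10053 /var/run/mysqld/mysqld.sock'

printf '%s\n' "$SAMPLE" | classify_listeners
```

On a live system, pipe `netstat -tuln` into `classify_listeners`; adding `-p` as root also shows the owning process for each listener.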