If I don't have a firewall, how should I lock down my NetMAX?
Applies to: NetMAX L2.2Pv2.2 FileServer & WebServer
Please note: You probably do not want to do this. Your time would be better spent learning how to create good firewall rules. If you are certain that you need to take alternative measures to harden your system, continue at your own risk.

This article is only meant as general help with locking down your L2.2Pv2.2 NetMAX machine in case, for some odd reason, you don't have a firewall implemented to protect it from the external network (usually the Internet). Do not rely on this article to protect your machine from unauthorized access. It is only meant to help you get started with securing your NetMAX server. We assume that you are using either the NetMAX WebServer or FileServer, as the Professional and FireWall products are best protected by implementing their packet filtering firewall. Some of the material in this article may not apply to you, depending on whether you have the WebServer or FileServer product.

Login to your machine as root.

The most important command you will be using is the netstat command, to see what ports you have services running on.

netstat -tupan localhost

Make sure that you haven't configured the localhost alias to point to a machine other than your own.

If you are going to disable telnet services, you will want to do all of this at the console, and not from within a telnet session.

Run the above netstat command to see what services you have open. By default, you should have:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3032/sendmail: acce
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      3002/slapd
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      2981/httpd-users
tcp        0      0 10.254.1.99:80          0.0.0.0:*               LISTEN      2981/httpd-users
tcp        0      0 10.254.1.99:53          0.0.0.0:*               LISTEN      2922/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2922/named
tcp        0      0 0.0.0.0:548             0.0.0.0:*               LISTEN      2881/afpd
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:109             0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:79              0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:70              0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2573/smbd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2464/portmap
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/xdm
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      1142/httpd
tcp        0      0 0.0.0.0:513             0.0.0.0:*               LISTEN      727/inetd
tcp        0      0 0.0.0.0:514             0.0.0.0:*               LISTEN      727/inetd
udp        0      0 0.0.0.0:53              0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:53          0.0.0.0:*                           2922/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:138         0.0.0.0:*                           2558/nmbd
udp        0      0 10.254.1.99:137         0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2464/portmap
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/xdm
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/snmpd
udp        0      0 0.0.0.0:520             0.0.0.0:*                           760/routed

You want to look at the Local Address column, which shows the local address and port each internet service is listening on. The PID/Program name column is also invaluable for finding out which service is running on a port and where we might turn it off.

Your services will almost definitely be listed in a different order than the ones here, but you should see the same services.

We're going to start at the top, and work our way down. The first thing that we find is a service running on port 23 (the standard telnet port). If you're unsure what a port is usually used for, you can always look up the port number in the services file with the following command:

grep " 23/" /etc/services

The space and slash just keep our grep command from also matching services on ports such as 223 or 231.

You can also look and see what program is using the PID 727:

psg 727

This actually shows us that inetd is controlling this service. Inetd is just a daemon that handles a lot of other daemons. Whenever a Program Name starts with "in.", it usually means that the program is being run with tcpwrappers. This is because tcpwrappers usually replaces the old daemon with its own, and names the new one in.daemon. Inet daemons handled by inetd are configured with the /etc/inetd.conf file.

If you're not going to use telnetd, you can stop inetd from making it available by commenting out the line in your /etc/inetd.conf file that starts the daemon. You comment lines out by using a pound sign (#) as the first character of the line.

So change this line:

telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd

To read:

#telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd

As long as we're in here, let's shut down every inet daemon that we don't plan on using. So I'll comment out the following lines as well:

#gopher  stream  tcp     nowait  root    /usr/sbin/tcpd  gn
#shell   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
#login   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rlogind
#finger  stream  tcp     nowait  root    /usr/sbin/tcpd  in.fingerd
#ftp stream tcp nowait  root /usr/netmax/sbin/in.ftpd in.ftpd -l -a
#imap    stream  tcp     nowait  root    /usr/netmax/libexec/imapd   imapd
#pop2    stream  tcp     nowait  root    /usr/netmax/libexec/ipop2d   ipop2d
#pop3    stream  tcp     nowait  root    /usr/netmax/libexec/ipop3d   ipop3d

Basically this is going to shut down all of the inet daemons started by inetd. If you are using your server as a mail server, you probably don't want to comment out imap, pop2, or pop3. If you are using your server as an ftp server, you probably don't want to comment out ftp. If you are doing this from a telnet session, you definitely don't want to comment out telnet. If you don't know what the other services are, you probably don't need them. Ensure that you save your changes to this file after modifying it.

This will stop the daemons from starting, but we need to shut them down, because they're already running for this session. So we want to SIGHUP inetd, so that it restarts, and rereads the /etc/inetd.conf file. Do this by running the following command:

signal_proc inetd HUP
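
A quick check of which entries inetd will still serve after the edit, and whether each is launched through /usr/sbin/tcpd. This is an added example, not part of the original FAQ or the NetMAX tools; the function names and the keep list are assumptions, and the sample file is constructed from lines shown above.

```shell
#!/bin/sh
# Added example: audit an inetd.conf for entries that are still enabled.
# Fields of an inetd.conf entry:
#   service  socket-type  proto  wait  user  server-path  args...

# inetd_active FILE
# Prints "service proto user server wrapped|direct" for every enabled entry.
# "wrapped" means the entry is started through /usr/sbin/tcpd.
inetd_active() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }   # skip comments, blank and short lines
        {
            wrap = ($6 == "/usr/sbin/tcpd") ? "wrapped" : "direct"
            print $1, $3, $5, $6, wrap
        }
    ' "$1"
}

# inetd_unexpected FILE "svc1 svc2 ..."
# Prints enabled services that are not in the space-separated keep list.
inetd_unexpected() {
    inetd_active "$1" | awk -v keep="$2" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        !($1 in ok) { print $1 }
    '
}

# Constructed sample: a mail server that kept imap and pop3 but missed finger.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
#telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#shell   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
finger  stream  tcp     nowait  root    /usr/sbin/tcpd  in.fingerd
#ftp stream tcp nowait  root /usr/netmax/sbin/in.ftpd in.ftpd -l -a
imap    stream  tcp     nowait  root    /usr/netmax/libexec/imapd   imapd
pop3    stream  tcp     nowait  root    /usr/netmax/libexec/ipop3d   ipop3d
EOF

inetd_active "$sample"
echo "unexpected: $(inetd_unexpected "$sample" "imap pop3")"
```

On the real machine, point both functions at /etc/inetd.conf and pass the services you decided to keep.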

We're going to run netstat again, and you'll see that there are a lot fewer ports open now:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      3760/httpd-users
tcp        0      0 10.254.1.99:80          0.0.0.0:*               LISTEN      3760/httpd-users
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      3711/httpd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3032/sendmail: acce
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      3002/slapd
tcp        0      0 10.254.1.99:53          0.0.0.0:*               LISTEN      2922/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2922/named
tcp        0      0 0.0.0.0:548             0.0.0.0:*               LISTEN      2881/afpd
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2573/smbd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2464/portmap
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/xdm
udp        0      0 0.0.0.0:53              0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:53          0.0.0.0:*                           2922/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:138         0.0.0.0:*                           2558/nmbd
udp        0      0 10.254.1.99:137         0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2464/portmap
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/xdm
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/snmpd
udp        0      0 0.0.0.0:520             0.0.0.0:*                           760/routed

Let's start at the top again. We see that httpd-users is running on port 80, and is actually listening on two different IP addresses. This is the webserver that comes with the WebServer product. If you are only using your WebServer as a mail server, you may want to shut it down. This server is started in the /usr/netmax/etc/rc.d/http.sh script.

The first thing we need to do is disable the http_check script, which checks to see if your http servers are running. Otherwise, we'll shut them down, but they'll just be started back up. Note that this script also keeps the admin web server running, so disabling it is potentially dangerous. To stop http_check from running, we need to comment out the following line in the /etc/crontab file:

0,30    *       *       *       *       root    /usr/netmax/bin/http_check.pl

So that it now reads:

#0,30    *       *       *       *       root    /usr/netmax/bin/http_check.pl

Next, to stop the http server from starting, we want to edit the /usr/netmax/etc/rc.d/http.sh script so that the following lines:

  start)
    doAdmin

    # An un-configured NetMAX does not run user web pages
    if [ -f /tmp/.new ]; then exit 0; fi
    if [ $enabled -eq 1 ]; then
      /usr/netmax/bin/suidscript -U NMcmd_echo.nonewline ' apache(users)'
      $BIN_U -f $CONF_U
    fi
    ;;

are changed to read the following:

  start)
    doAdmin

    # An un-configured NetMAX does not run user web pages
    if [ -f /tmp/.new ]; then exit 0; fi
#    if [ $enabled -eq 1 ]; then
#      /usr/netmax/bin/suidscript -U NMcmd_echo.nonewline ' apache(users)'
#      $BIN_U -f $CONF_U
#    fi
    ;;

Ensure that you save these changes. We then need to shut the webserver down, since it's already running for this session. To do this, type the following command:

signal_proc httpd-users TERM 10

Let's run netstat again:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      3711/httpd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3032/sendmail: acce
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      3002/slapd
tcp        0      0 10.254.1.99:53          0.0.0.0:*               LISTEN      2922/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2922/named
tcp        0      0 0.0.0.0:548             0.0.0.0:*               LISTEN      2881/afpd
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2573/smbd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2464/portmap
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/xdm
udp        0      0 0.0.0.0:53              0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:53          0.0.0.0:*                           2922/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:138         0.0.0.0:*                           2558/nmbd
udp        0      0 10.254.1.99:137         0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2464/portmap
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/xdm
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/snmpd
udp        0      0 0.0.0.0:520             0.0.0.0:*                           760/routed

Starting at the top, we see that httpd is running on port 5150. This is the NetMAX web interface, which we DON'T want to shut down.

The next item is sendmail running on port 25. If you don't want the NetMAX to be able to receive/relay email, then you can disable sendmail. Sendmail is started in the /etc/rc.d/init.d/sendmail file. To stop sendmail from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# sendmail      This shell script takes care of starting and stopping
#               sendmail.
#
# chkconfig: 2345 80 30
# description: Sendmail is a Mail Transport Agent, which is the program \
#              that moves mail from one machine to another.
# processname: sendmail
# config: /etc/sendmail.cf
# pidfile: /var/run/sendmail.pid

if [ -e /tmp/.new ]; then
  exit 0
fi

So that they now look like this:

#!/bin/sh
#
# sendmail      This shell script takes care of starting and stopping
#               sendmail.
#
# chkconfig: 2345 80 30
# description: Sendmail is a Mail Transport Agent, which is the program \
#              that moves mail from one machine to another.
# processname: sendmail
# config: /etc/sendmail.cf
# pidfile: /var/run/sendmail.pid

exit 0

if [ -e /tmp/.new ]; then
  exit 0
fi

Ensure that you save these changes. We then need to shut sendmail down, since it's already running for this session. To do this, type the following commands:

signal_proc sendmail KILL
rm -f /var/lock/subsys/sendmail

The next service we find in our netstat is slapd running on port 389. This is the LDAP services daemon. This service is started in the /usr/netmax/etc/rc.d/ldap.sh script. To stop slapd from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

BIN="/usr/netmax/etc/ldap/slapd"
CONF="/var/conf/slapd/myslapd.conf"
PID="/var/run/slapd.pid"

So that they now look like this:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

exit 0

BIN="/usr/netmax/etc/ldap/slapd"
CONF="/var/conf/slapd/myslapd.conf"
PID="/var/run/slapd.pid"

Ensure that you save these changes. We then need to shut slapd down, since it's already running for this session. To do this, type the following command:

signal_proc slapd TERM 5

Let's do a netstat again:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      3711/httpd
tcp        0      0 10.254.1.99:53          0.0.0.0:*               LISTEN      2922/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2922/named
tcp        0      0 0.0.0.0:548             0.0.0.0:*               LISTEN      2881/afpd
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2573/smbd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2464/portmap
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/xdm
udp        0      0 0.0.0.0:53              0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:53          0.0.0.0:*                           2922/named
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2922/named
udp        0      0 10.254.1.99:138         0.0.0.0:*                           2558/nmbd
udp        0      0 10.254.1.99:137         0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           2558/nmbd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2464/portmap
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/xdm
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/
udp        0      0 0.0.0.0:520             0.0.0.0:*                           760/routed

The next item that we see is named running on tcp and udp ports 53. In general, you don't want to shut down named. The only reason you might want to do this is if you have the FileServer only. Still, you generally don't want to shut it down. But if you decide to, it is started by the /usr/netmax/etc/rc.d/Named.sh script. To stop named from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

BIN="/usr/sbin/named"
CONFDIR="/etc/namedb"
CONF="$CONFDIR/named.boot"
BSDCONF="$CONFDIR/named.boot.bsd"

So that they now read:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

exit 0

BIN="/usr/sbin/named"
CONFDIR="/etc/namedb"
CONF="$CONFDIR/named.boot"
BSDCONF="$CONFDIR/named.boot.bsd"

Ensure that you save these changes. We then need to shut named down, since it's already running for this session. To do this, type the following command:

/usr/netmax/bin/signal_proc named KILL 5

The next two items we see are afpd running on port 548 and smbd running on port 139. These are used for Apple file sharing and Windows file sharing. Unless you have the FileServer, you probably don't even want to use these services. And more than likely if you are using one, you're not using the other. In this case, we're going to shut them both down.

AppleTalk is started in the /usr/netmax/etc/rc.d/ashare.sh script. To stop atalk from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

BIN="/usr/netmax/atalk/etc/rc.atalk"
CONF="/var/conf/atalk/atalkd.conf"
APACHE_DIR="/var/conf/apache"

So that they now look like this:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

exit 0

BIN="/usr/netmax/atalk/etc/rc.atalk"
CONF="/var/conf/atalk/atalkd.conf"
APACHE_DIR="/var/conf/apache"

Ensure that you save these changes. We then need to shut afpd down, since it's already running for this session. To do this, type the following command:

/usr/netmax/atalk/etc/rc.atalk shutdown

Windows CIFS/SMB is started in the /usr/netmax/etc/rc.d/cifs.sh script. To stop smbd from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

BINDIR="/usr/netmax/samba/bin"
CONF="/var/conf/samba/smb.conf"

So that they now read:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

exit 0

BINDIR="/usr/netmax/samba/bin"
CONF="/var/conf/samba/smb.conf"

Ensure that you save these changes. We then need to shut samba down, since it's already running for this session. To do this, type the following commands:

/usr/netmax/bin/signal_proc smbd TERM 15
/usr/netmax/bin/signal_proc nmbd TERM 5

Let's do a netstat again:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      7381/httpd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2464/portmap
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/
udp        0      0 0.0.0.0:111             0.0.0.0:*                           2464/portmap
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/
udp        0      0 0.0.0.0:520             0.0.0.0:*                           760/routed

Starting at the top, we see that portmap is running on port 111. Portmap is started in the SysV init process. The easiest way to maintain these services is with the chkconfig program. To see what services are started by init and in what run level, you can type:

/sbin/chkconfig --list

You will see output like this:

atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
keytable 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
random 0:off 1:on 2:on 3:on 4:on 5:on 6:off
inet 0:off 1:off 2:off 3:on 4:on 5:on 6:off
portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off
routed 0:off 1:off 2:off 3:on 4:off 5:off 6:off
rstatd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rusersd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rwhod 0:off 1:off 2:off 3:off 4:off 5:off 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lpd.old 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Not all init scripts will show, only the ones that have been configured to be included in chkconfig. Luckily for us, the services we need are included.

We can see by the output, that portmap runs in runlevels 3-5. So we need to turn it off in those runlevels by running the following command:

/sbin/chkconfig --level 345 portmap off

As long as we're here, we might as well turn off routed too. If your NetMAX is not acting as a router, you can probably disable it. You will be disabling your NetMAX's ability to get RIP traffic from your router, which could affect routing behavior and routing warning messages.

/sbin/chkconfig --level 3 routed off

Let's run chkconfig again, to make sure that our changes took effect:

atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
keytable 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
random 0:off 1:on 2:on 3:on 4:on 5:on 6:off
inet 0:off 1:off 2:off 3:on 4:on 5:on 6:off
portmap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
routed 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rstatd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rusersd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rwhod 0:off 1:off 2:off 3:off 4:off 5:off 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lpd.old 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Great. Now we need to stop the two services since they are still running for this session. These servers are generally started with links to scripts in the /etc/rc.d/init.d directory. So to stop them, we'll type the following commands:

/etc/rc.d/init.d/portmap stop
/etc/rc.d/init.d/routed stop

Let's do a netstat again:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      7381/httpd
tcp        0      0 0.0.0.0:1024            0.0.0.0:*               LISTEN      1417/xdm
udp        0      0 0.0.0.0:177             0.0.0.0:*                           1417/xdm
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/snmpd

Hey, we're almost done. The next two items are xdm and snmpd. You can shut down xdm if you're not using X windows for anything. You can also shut down snmpd because we're not expecting any system messages from other machines.

Xdm is started in the /usr/netmax/etc/rc.d/xdm.sh script. To stop xdm from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

BIN1="/usr/local/bin/kdm"
BIN2="/usr/X11R6/bin/xdm"

So that they now read:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $

exit 0

BIN1="/usr/local/bin/kdm"
BIN2="/usr/X11R6/bin/xdm"

Ensure that you save these changes. We then need to shut xdm down, since it's already running for this session. To do this, type the following command:

/usr/netmax/bin/signal_proc xdm KILL

Snmpd is started in the /usr/netmax/etc/rc.d/snmp.sh script. To stop snmpd from starting, you want to add an "exit" to the beginning of the script. So you want to change the following lines:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $
#

PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/netmax/bin:/usr/local/bin"
BIN="snmpd"

So that they now read:

#!/bin/sh
#
# $Id: 328,v 1.10 2003/07/07 15:46:51 nobody Exp nobody $
#

exit 0

PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/netmax/bin:/usr/local/bin"
BIN="snmpd"

Ensure that you save these changes. We then need to shut snmpd down, since it's already running for this session. To do this, type the following command:

/usr/netmax/bin/signal_proc snmpd TERM 5

Let's do another netstat:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      7381/httpd

Hey wow! We're done.

But let's reboot and do a netstat again, just to be sure.

`locate Reboot.sh`

***

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      7381/httpd
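
To repeat the final check without reading the table by eye, the netstat output can be filtered against the list of ports you intend to leave open. This is an added example, not part of the original FAQ or the NetMAX tools; the function name and the proto/port allow-list format are assumptions, the sample input is constructed from lines shown above, and the filter also accepts tcp6/udp6 lines, which the page's output does not contain.

```shell
#!/bin/sh
# Added example: report sockets in `netstat -tupan` output that are reachable
# from the network and are not on an allow list.

# exposed_listeners "proto/port proto/port ..."
# Reads netstat -tupan output on stdin and prints "proto port address program"
# for every listening TCP socket or unconnected UDP socket that is bound to a
# non-loopback address and whose proto/port is not in the allow list.
exposed_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 !~ /^(tcp|udp)6?$/ { next }               # header and other lines
        {
            proto = substr($1, 1, 3)
            if (proto == "tcp" && $6 != "LISTEN") next   # established etc.
            if (proto == "udp" && $5 !~ /:\*$/) next     # connected UDP socket
            port = $4; sub(/.*:/, "", port)
            host = $4; sub(/:[^:]*$/, "", host)
            if (host ~ /^127\./ || host == "::1") next   # loopback only
            key = proto "/" port
            if (key in ok) next
            # UDP rows have no State column, so the program is one field earlier.
            prog = (proto == "tcp") ? $7 : $6
            sub(/^[0-9]+\//, "", prog); sub(/:$/, "", prog)
            if (prog == "") prog = "?"
            print $1, port, host, prog
        }
    ' | sort -k1,1 -k2,2n
}

# Constructed sample, assembled from rows in the listings above plus one
# established connection to the admin interface.
sample_netstat=$(cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5150            0.0.0.0:*               LISTEN      7381/httpd
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      2922/named
tcp        0      0 10.254.1.99:53          0.0.0.0:*               LISTEN      2922/named
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      3032/sendmail: acce
tcp        0      0 10.254.1.99:5150        10.254.1.20:1042        ESTABLISHED 7381/httpd
udp        0      0 0.0.0.0:161             0.0.0.0:*                           1408/snmpd
udp        0      0 127.0.0.1:53            0.0.0.0:*                           2922/named
EOF
)

# Only the admin web interface on tcp/5150 is meant to stay open.
printf '%s\n' "$sample_netstat" | exposed_listeners "tcp/5150"

# On the live machine:  netstat -tupan | exposed_listeners "tcp/5150"
```

Empty output means nothing beyond the allow list is exposed, which is the state the walkthrough ends in.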



This document is: http://www.netmax.org/cgi-bin/fom.cgi?file=328
This FAQ administered by ...Cybernet Systems Corp.