(5关闭rpc.statd服务.docxVIP

关闭rpc.statd服务为了让linux主机少一些隐患，我们要尽可能把一些不需要的服务取消或者删掉。我们可以先来看看目前有哪些端口是开着的[root@localhost linsc]# nmap Starting nmap 3.70 ( /nmap/ ) at 2007-12-05 21:28 CSTInteresting ports on localhost.localdomain ():(The 1652 ports scanned but not shown below are in state: closed)PORT STATE SERVICE21/tcp open ftp22/tcp open ssh25/tcp open smtp80/tcp open http766/tcp open unknown3306/tcp open mysql8009/tcp open ajp138080/tcp open http-proxyNmap run completed -- 1 IP address (1 host up) scanned in 0.194 seconds可以看到 766 端口是打开着的，一个 unknown 的服务正在运行，这是什么服务？这个时候我也不知道。[root@localhost linsc]# netstat -lp可以看到有下面一条内容，tcp 0 0 *:766 *:* LISTEN 3128/rpc.statd说明是 rpc.statd 正在运行。就看766是什么命令执行的监听端口的另外一个办法[root@localhost linsc]# lsof -i:766COMMAND PID USER FD TYPE DEVICE SIZE NODE NAMErpc.statd 3128 rpcuser 8u IPv4 6467 TCP *:766 (LISTEN)查看rpc.statd这个命令是那个安装包的文档[root@localhost linsc]# rpm -qf /sbin/rpc.statdnfs-utils-1.0.6-80.EL4查看nfs开头有那些东西[root@localhost linsc]# ls /etc/init.d/nfs*/etc/init.d/nfs /etc/init.d/nfslock查看nfslock状态[root@localhost linsc]# /etc/init.d/nfslock statusrpc.statd (pid 3128) 正在运行...[root@localhost linsc]# vi /etc/services找到里面的 nfs ，在前面加 # 注释掉，重启，[root@localhost linsc]# nmap Starting nmap 3.70 ( /nmap/ ) at 2007-12-05 21:55 CSTInteresting ports on localhost.localdomain ():(The 1653 ports scanned but not shown below are in state: closed)PORT STATE SERVICE21/tcp open ftp22/tcp open ssh25/tcp open smtp80/tcp open http3306/tcp open mysql8009/tcp open ajp138080/tcp open http-proxyNmap run completed -- 1 IP address (1 host up) scanned in 0.194 seconds