OESF | ELSI | pdaXrom | OpenZaurus | Zaurus Themes | Community Links | Ibiblio

IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Cacko qpe listens on ports 4992 and 4244, Any way to disable this?
stupkid
post Sep 20 2004, 12:08 PM
Post #1





Group: Members
Posts: 578
Joined: 2-January 04
From: Texas USA
Member No.: 1,324



Is there a way of disabling qpe from listening on 4992 and 4244? On my Cacko 1.21b ROM as root:

# netstat -nap --protocol=inet
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:4992 0.0.0.0:* LISTEN 242/qpe
tcp 0 0 0.0.0.0:4244 0.0.0.0:* LISTEN 242/qpe

Since I do not use this service to sync it would be nice to disable. If I can't disable I guess it could be secured with iptables/ipchains etc. Does QPE recognize hosts.allow? Any ideas?

Thanks!
Go to the top of the page
 
+Quote Post
stupkid
post Sep 25 2004, 11:52 AM
Post #2





Group: Members
Posts: 578
Joined: 2-January 04
From: Texas USA
Member No.: 1,324



No ideas on turning this off at all? chirp...chirp...chirp (crickets). sad.gif
Go to the top of the page
 
+Quote Post
tumnus
post Sep 25 2004, 12:43 PM
Post #3





Group: Members
Posts: 1,176
Joined: 3-October 03
From: UK
Member No.: 547



This FAQ is for the old 5500 ROMs but the principle is the same:

http://www.zaurususergroup.com/FAQ+index-m...at-12.phtml#106

Qtopia isn't very good about sticking to Linux/POSIX standards like this.
Go to the top of the page
 
+Quote Post
KA6AH
post Oct 29 2005, 01:21 PM
Post #4





Group: Members
Posts: 4
Joined: 13-October 05
Member No.: 8,311



I've searched the whole forum and google, but still cat't figure out: what port 4992 is used for? Maybe, it is useful for something prior to disable it?

Found one opinion about qpe sound server listening on that port (in IRC channel logs), but the source does not seem to be very competent..
Go to the top of the page
 
+Quote Post
lardman
post Oct 31 2005, 03:38 AM
Post #5





Group: Members
Posts: 4,515
Joined: 25-October 03
From: Bath, UK
Member No.: 464



There was a thread about this on the devnet iirc, is there a backup of that anywhere?


Si
Go to the top of the page
 
+Quote Post
KA6AH
post Dec 8 2006, 02:36 AM
Post #6





Group: Members
Posts: 4
Joined: 13-October 05
Member No.: 8,311



I've found some info about what these ports are used for (here):

4242 - ftp server login: root passwword: NONE!

This allows anyone to access any file on any zaurus that is network connected. Files can be downloaded, uploaded, or deleted! This ftp server does not even look at the password file. The login name and blank password are hard coded into the ftp server!

4243 - behaves a little like rsync

This port is totaly unencrypted and the login/password combination used by the desktop sync software can be snooped with tcpdump with no problem. The login/password combination are hard coded and can not be changed!

4992 - probably also part of the desktop sync
Go to the top of the page
 
+Quote Post
Da_Blitz
post Dec 9 2006, 02:33 AM
Post #7





Group: Members
Posts: 1,565
Joined: 7-April 05
From: Sydney, Australia
Member No.: 6,806



i guess thats why we recomend firewalls on these thinggs wink.gif
Go to the top of the page
 
+Quote Post
speculatrix
post Dec 9 2006, 02:00 PM
Post #8





Group: Admin
Posts: 3,281
Joined: 29-July 04
From: Cambridge, England
Member No.: 4,149



just install iptables and then write a simply startup script called firewall... search the forums for "iptables" and you'll find lots of examples.
Go to the top of the page
 
+Quote Post
sdjf
post Mar 12 2007, 08:15 AM
Post #9





Group: Members
Posts: 454
Joined: 17-November 05
Member No.: 8,551



QUOTE(stupkid @ Sep 20 2004, 12:08 PM)
Is there a way of disabling qpe from listening on 4992 and 4244?  On my Cacko 1.21b ROM as root:

# netstat -nap --protocol=inet
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:4992 0.0.0.0:* LISTEN 242/qpe
tcp 0 0 0.0.0.0:4244 0.0.0.0:* LISTEN 242/qpe

Since I do not use this service to sync it would be nice to disable.  If I can't disable I guess it could be secured with iptables/ipchains etc.  Does QPE recognize hosts.allow?  Any ideas?

Thanks!
*


I realize this is a very old thread, but here's another take on the situation. The sl5500 stock ROMs are continually respawning ttyS0, and if that is where the listening to the ports comes from, stopping the respawning (if you don't need it) should do the trick. I see no such ports when I run netstat, since I have ttyS0 disabled.

I give instructions for disabling ttyS0 at http://www.sdjf.esmartdesign.com/respawn.html

Oops! I didn't enter the arguments for netstat correctly, and see that my Z is listening on 22, 111, 4242, 4243, and 4992 when I am online, and on just 4242, 4243, and 4992 when offline. So there is no 4244, but other ports. And I don't know how to see what tty is associated with what. Hopefully the respawning idea will help, and sorry about messing up on the report about ports.

sdjf

This post has been edited by sdjf: Mar 12 2007, 12:15 PM
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 16th September 2014 - 03:30 PM