18

I'm configuring a new install of Ubuntu 9.04 laptop and when I do a port scan, I find that TCP 631 (IPP) is open. What do I do to disable this listening port?

Bob
  • 345

6 Answers6

17

CUPS, which is part of the Linux Standard Base, is enabled. To stop the service:

sudo /etc/init.d/cupsys stop

To disable it from startup:

update-rc.d -f cupsys remove
update-rc.d cupsys stop 20 2 3 4 5 .
jtimberman
  • 21,727
  • 1
    Or don't - it's possible that Bob didn't realize this is CUPS, and he may not want to shut printing down. – David Thornley Aug 19 '09 at 17:09
  • 3
    I do know that it's CUPS, and printing is not necessary for this machine so shutting down the service is a viable options. So does CUPS require this port be listening in order to function? – Bob Aug 19 '09 at 19:17
4

Another way to stop this print server is to open a terminal shell ctrl + alt + t and type sudo service cups stop

This will stop the server and close the port, but it will restart on a reboot. You could also restart or start the service this way simply substituting restart or start where stop is in the command. :D

user_loser
  • 151
3

Ubuntu 9.04 has "no open ports" by policy.

https://wiki.ubuntu.com/Security/Features/Historical

https://wiki.ubuntu.com/Security/Features/Historical#ports

Testing for this can be done with netstat -an --inet | grep LISTEN | grep -v 127.0.0.1: on a fresh install.

(This covers ipv4. A different command is needed for ipv6).

I believe you will find a new install of Ubuntu is listening on the address 127.0.0.1, which is only accessible from your own computer. If you scan e.g. nmap localhost, this will find the localhost IPP listener. But, if you scan the IP address of your network interface, you will not find any listener. To find the IP address of your network interface, you can run ifconfig, for example my current IP address is 172.16.1.8:

$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.1.8  netmask 255.255.255.0  broadcast 172.16.1.255
        inet6 fd5e:fcf3:b885:10:250:43ff:fe01:c0ab  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::250:43ff:fe01:c0ab  prefixlen 64  scopeid 0x20<link>
        ether 00:50:43:01:c0:ab  txqueuelen 1000  (Ethernet)
        RX packets 15144365  bytes 1999269267 (1.8 GiB)
        RX errors 3  dropped 3  overruns 0  frame 0
        TX packets 13871393  bytes 725196571 (691.6 MiB)
        TX errors 0  dropped 4712 overruns 0  carrier 0  collisions 0
        device interrupt 35  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 3626080  bytes 405627539 (386.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3626080  bytes 405627539 (386.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
sourcejedi
  • 3,282
2

If you scan from that machine, like:

nmap localhost

It will show the ipp port but if you scan that same machine from any other machine there really are not any open ports, like:

nmap foobar.com

So while it looks like something to worry about, it is not really anything to worry about.

Vincent Cate
  • 21
2

Don't disable it, this is your printer!

To enable it again you can add port TCP 631 to your Firewall. Just type 631 in the Firewall.

More info at the Ubuntu Forums:

Thank you ! I have just deleted the port 631/tcp from FIREWALL because Facebook disconnected me alone wich gave me suspicions. So this was my printer !!! So just I'll just add again ALLOW IN TCP 631 inside my FIREWALL.

slhck
  • 228,104
francoise_peace
  • 21
  • 1
0

if you want to stop that service use:

"sudo systemctl stop cups.service && sudo systemctl disable cups.service"
ThugLife
  • 31
  • 2
    -1. The development of systemd started in 2010, Ubuntu 9.04 is older. I think Ubuntu fully supports systemd from the version 15.04. – Kamil Maciorowski Jul 12 '18 at 16:44
  • my bad... didnt see "UBUNTO 9.04" :D – ThugLife Jul 12 '18 at 16:48
  • This still can be useful for folks looking for info, this certainly doesn't deserve downvotes, could well be edited to make it more useful. – 0xc0de Aug 27 '20 at 16:32
  • Yeah this is actually good because, first of all, 9.04 is more than a decade past EOL and all other versions that didn't come with systemd are also EOL. But most importantly, this prevents the service from automatically starting up after a reboot and you can still call the service to start it up manually with sudo systemctl start cups – mchid May 07 '23 at 20:20