# How to lock 514 port.



## Handy92 (Jan 2, 2016)

I scanned the ports with nmap, and I have port 514 open on TCP and UDP. How do I lock it? I tried to use IPFW, but it is not working.



> Not shown: 1998 closed ports
> PORT  STATE  SERVICE  VERSION
> 514/tcp filtered  shell
> 514/udp open|filtered tcpwrapped


----------



## youngunix (Jan 2, 2016)

That port is assigned to syslogd(8). What rule did you use? You can try:

```
ipfw -q add deny tcp from any to any 514
ipfw -q add deny udp from any to any 514
```


----------



## Handy92 (Jan 2, 2016)

Yes, I tried to use these rules. Nothing. But zmap was run on the tested machine. 192.168.1.130 is a syslogd, but I do not know why it is open.


----------



## youngunix (Jan 2, 2016)

I see, add the following entry to your /etc/rc.conf: `syslogd_flags="-ss"`.
According to syslogd(8):

```
"-s      Operate in secure mode.  Do not log messages from remote
          machines.  If specified twice, no network socket will be opened
          at all, which also disables logging to remote machines."
```


----------
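A way to check the result of the `syslogd_flags="-ss"` change suggested above, as an added example that is not part of the original thread: the script reads `sockstat -46l` style output and reports whether anything is bound to a port, and whether the binding is loopback-only or reachable from outside. The function names are hypothetical and the sample listings are constructed.

```sh
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical and the
# sample listings are constructed in the layout of FreeBSD `sockstat -46l`.

# Print "proto command pid address" for each socket bound to port $1.
listeners_on_port() {
    awk -v port="$1" '$3 ~ /^[0-9]+$/ {
        n = split($6, part, ":")            # LOCAL ADDRESS is addr:port
        addr = $6; sub(/:[^:]*$/, "", addr) # strip the trailing :port
        if (part[n] == port) print $5, $2, $3, addr
    }'
}

# Classify port $1 as "closed", "local" (loopback only) or "external".
port_exposure() {
    listeners_on_port "$1" | awk '
        { seen = 1 }
        $4 != "127.0.0.1" && $4 != "::1" { ext = 1 }
        END {
            if (!seen) print "closed"
            else if (ext) print "external"
            else print "local"
        }'
}

# Constructed sample: syslogd holding UDP 514 on all addresses.
SAMPLE_OPEN='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       801   4  tcp4   *:22                  *:*
root     syslogd    612   6  udp6   *:514                 *:*
root     syslogd    612   7  udp4   *:514                 *:*'

# Constructed sample: the same host once syslogd opens no network socket.
SAMPLE_SS='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       801   4  tcp4   *:22                  *:*'

echo "before: $(printf '%s\n' "$SAMPLE_OPEN" | port_exposure 514)"
printf '%s\n' "$SAMPLE_OPEN" | listeners_on_port 514
echo "after:  $(printf '%s\n' "$SAMPLE_SS" | port_exposure 514)"
```

On a live FreeBSD host, feed the functions real data with `sockstat -46l | port_exposure 514` after syslogd has been restarted with the new flags.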



## Handy92 (Jan 2, 2016)

I know about it. But is this port open only locally, or externally too? And is leaving it open a bad idea for security?


----------



## youngunix (Jan 2, 2016)

It can be for both (depending on the configuration) and yes, it can become a security issue. Make sure you read the manual page, it has all the necessary information.


----------



## Handy92 (Jan 2, 2016)

Are there any other unneeded things that should be disabled by default?

PS. I do not physically have a microphone anymore.


----------

