Port 8008 open, firewall policy accept?

zeroconf · April 12, 2022, 9:47pm

Tried to import eos-eos4.0-amd64-amd64.220406-204708.base, which failed. Luckily there was eos-eos4.0-amd64-amd64.220406-204708.base.vmdk file after unpacking the *.zip, which is virtual hard drive I could use for virtual machine.

Then running it in VirtualBox, discovered by nmap, that port 8008/tcp was open on that virtual machine IP.

nmap -F 192.168.56.101      
Not shown: 99 closed tcp ports (conn-refused)
PORT     STATE SERVICE
8008/tcp open  http

I added second, host-only network adapter in order to access for scanning purposes. Although connections were refused from that port, what for is that port opened?

Still I notice:

sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Why leave ports open? Wouldn’t it be better input and forward policy to set deny at least?

wjt · April 20, 2022, 2:24pm

It is to support the Virtual School app available in the app center, and allow access to its content over the network, for historical reasons. If you do not have that app installed, nothing will happen if you attempt to access that port, as you have found. See systemctl status eos-kalite-system-helper.{service,socket}.

system · May 18, 2022, 2:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.