[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Are the following open ports a danger?

From: Rick Stevens <rstevens vitalstream com>
To: Getting started with Red Hat Linux <redhat-install-list redhat com>
Subject: Re: Are the following open ports a danger?
Date: Mon, 09 Aug 2004 09:03:05 -0700

Graeme Nichols wrote:

Hello Folks, I have just become aware of a utility, nmap, to discover
open ports on my system. The output of the run is as follows:-
[graeme barney graeme]$ sudo nmap -sS -O barney Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-08-09 13:07 EST Interesting ports on barney.localdomain (192.168.1.1): (The 1637 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 1/tcp open tcpmux 11/tcp open systat 15/tcp open netstat 22/tcp open ssh 111/tcp open rpcbind 143/tcp open imap 540/tcp open uucp 635/tcp open unknown 1024/tcp open kdm 1080/tcp open socks 1524/tcp open ingreslock 2000/tcp open callbook 6667/tcp open irc 10000/tcp open snet-sensor-mgmt 12345/tcp open NetBus 12346/tcp open NetBus 31337/tcp open Elite 32771/tcp open sometimes-rpc5 32772/tcp open sometimes-rpc7 32773/tcp open sometimes-rpc9 32774/tcp open sometimes-rpc11 54320/tcp open bo2k Device type: general purpose Running: Linux 2.4.X|2.5.X OS details: Linux 2.5.25 - 2.5.70 or Gentoo 1.2 Linux 2.4.19 rc1-rc7) Uptime 0.056 days (since Mon Aug 9 11:47:15 2004) Nmap run completed -- 1 IP address (1 host up) scanned in 6.560 seconds

Are any of the above open ports posing a danger that I should close?

NONE of these should be available outside your network except the ones you really want others to access. The most dangerous ones are kdm, sysstat, netstat, tcpmux, all of the RPC ones, uucp, ingreslock, callbook, IRC (oh man! shut that one down NOW!) NetBus, and Elite.

For my systems, I only have ssh open from the outside.

My apologies for a dumb question but iptables is not my forte I'm
afraid. BTW, nmap got my system wrong, its FC2 on kernel 2.6.6


It looks at the ports that are open, probes some of them and makes its
guess based on the responses.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-                   "The bogosity meter just pegged."                -
----------------------------------------------------------------------

References:
- Are the following open ports a danger?
  - From: Graeme Nichols

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]