LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-08-2000, 12:31 PM   #1
linuxforce
LQ Newbie
 
Registered: Nov 2000
Location: Quebec city, Canada
Posts: 2

Rep: Reputation: 0
Question


Hi everybody,

I would like to know which port I have to close to be secure when I am connecting to the Net with my ppp0 connexion. I already run a Firewall: Ipchains but I use nmap and I find the following ports opened:

Starting nmap V. 2.53 by fyodor@insecure.org ( http://www.insecure.org/nmap/ )
Interesting ports on localhost (127.0.0.1):
(The 1495 ports scanned but not shown below are in state: closed)
Port State Service Owner
1/tcp open tcpmux root
7/tcp open echo root
9/tcp open discard root
11/tcp open systat root
15/tcp open netstat root
21/tcp open ftp root
23/tcp open telnet root
37/tcp open time root
79/tcp open finger root
113/tcp open auth nobody
119/tcp open nntp root
138/tcp open netbios-dgm root
139/tcp open netbios-ssn root
512/tcp open exec root
515/tcp open printer root
540/tcp open uucp root
1512/tcp open wins yvesbis
2000/tcp open callbook root
2001/tcp open dc root
6000/tcp open X11 root
6001/tcp open X11:1 root
6667/tcp open irc root
12345/tcp open NetBus root
31337/tcp open Elite root
32771/tcp open sometimes-rpc5 root
32772/tcp open sometimes-rpc7 root
32773/tcp open sometimes-rpc9 root
32774/tcp open sometimes-rpc11 root

Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds

I am looking to close all the ports but I want to be able to login to my linux box too.

I start my linux box on runlevel 5 with gdm + gnome on Redhat 6.2 AMD-K6-II i586
 
Old 11-11-2000, 07:20 PM   #2
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,597

Rep: Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080Reputation: 4080
You should really have ALL unused ports closed. The fact that 12345 and 31337 are open makes me very suspicious. You may want to look around very closely - You may already have an intruder! Also, if you want to do remote logins you should really use ssh.
 
Old 11-13-2000, 07:24 AM   #3
linuxforce
LQ Newbie
 
Registered: Nov 2000
Location: Quebec city, Canada
Posts: 2

Original Poster
Rep: Reputation: 0
linux ports

For the ports opened: 31xxx I run Fakebo and I already use ssh.

Regards,
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 6 02-24-2020 11:49 PM
The Most Secure Linux System Is Embedded Linux That's Jumpered t3gah Linux - Security 2 06-12-2005 08:49 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 01:39 PM
boot options: linux-secure, linux-nonfb etc Li-Wen Linux - General 1 01-17-2004 02:14 PM
need to close ports to secure machine VioLaToR Linux - Networking 4 05-06-2003 04:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:43 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration