Greetings!
Andre Bell wrote:
> Are any of these ports dangerous to leave open? I scanned my linux box and
> these are the ports that are actually open when using local tools and
> intrusion tools online at www.doshelp.com:
You should always be aware of the services you REALLY use - if you do not use
the service, abandon it. If you want to make your box secure, replace the
standard INETD with the XINETD configured only to answer to the internal
network. The less services are available, the less configuration problems and
the thess possible open points to attack.
Some comments on the list from memory:
> Port State Protocol Service
> 11 open tcp systat
> 15 open tcp netstat
> 79 open tcp finger
With the services above possible attackers can learn a LOT about your system.
Especially FINGER is outdated somewhat (read: not being used that much anymore)
- and gives out a lot of precious information to pissible crackers.
> 635 open tcp unknown
UNKNOWN is _always_ a bad idea. Here you should investigate.
> 12345 open tcp NetBus
> 12346 open tcp NetBus
Seems that you already caught yourself a ...noncommercial remote managemenrt
tool on your system. Using SSH or similarly crypted/safeguarded remote
management will be a better idea though.
Bye
Volker
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
