On Sun, Dec 26, 2004 at 10:33:44AM +0200, Gabor Szabo wrote: > > I am trying to secure a new server and as I am not an a real > security expert I'd be glad to get some inuput. > This is a Fedore-3 based server (I already shut down cupd - > why do they need this in a server anyway ?) > I ran nmap on the server and got this: > > Port State Service > 22/tcp open ssh > 55/tcp filtered isi-gl > 80/tcp open http > 135/tcp filtered loc-srv > 137/tcp filtered netbios-ns > 138/tcp filtered netbios-dgm > 139/tcp filtered netbios-ssn > 225/tcp open unknown > 443/tcp open https > 445/tcp filtered microsoft-ds > 4444/tcp filtered krb524 > 12345/tcp filtered NetBus > 12346/tcp filtered NetBus > 27374/tcp filtered subseven > > > Port 22 and 80 are OK > I guess I'll have to shut down the betbios and microsft-ds things, > what are these? Samba ? > > > I was surprised to see NetBus ports. I though this meant my server was > *already* broken in (this is a brand new machine). > > Any specific RTFM would be also appreciated.
netstat -lntup will give you the Processes Listening on Udp/Tcp ports . > > Gabor > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] -- Tzafrir Cohen +---------------------------+ http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| mailto:[EMAIL PROTECTED] +---------------------------+ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
