I am trying to secure a new server and as I am not an a real security expert I'd be glad to get some inuput. This is a Fedore-3 based server (I already shut down cupd - why do they need this in a server anyway ?) I ran nmap on the server and got this:
Port State Service 22/tcp open ssh 55/tcp filtered isi-gl 80/tcp open http 135/tcp filtered loc-srv 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 225/tcp open unknown 443/tcp open https 445/tcp filtered microsoft-ds 4444/tcp filtered krb524 12345/tcp filtered NetBus 12346/tcp filtered NetBus 27374/tcp filtered subseven
Port 22 and 80 are OK I guess I'll have to shut down the betbios and microsft-ds things, what are these? Samba ?
I was surprised to see NetBus ports. I though this meant my server was *already* broken in (this is a brand new machine).
Any specific RTFM would be also appreciated.
Ports listed as "filtered" are NOT listened to - they are protected by some firewall, either on the machine itself or somewhere in the network path leading to it.
Gilad
-- Gilad Ben-Yossef <[EMAIL PROTECTED]> Codefidence. A name you can trust(tm) Web: http://codefidence.com | SIP: [EMAIL PROTECTED] Tel: +972.9.8650475 ext. 201 | Fax: +972.9.8850643
"I am Jack's Overwritten Stack Pointer"
-- Hackers Club, the movie================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
