Looking to tighten up some security and came across a few things that I had no answer for.
1) Can you tell "nfs" on 7.0.2 to listen only on a specific NIC card IP?
I.e., port 2049
2) Ditto above for portmapper?
I.e., port 111
3) Any idea what is listening on TCP and UDP for ports 1021, 1022, 1023?
- Yellowpages / NIS?
- Can this listener be disabled if we determine we are not using what the listener is for?
Example "netstat -an" output. See ">>" prefixing items of concern.
   Proto Recv-Q Send-Q Local Address    Foreign Address  State
   tcp        0      0 127.0.0.1.3306   *.*              LISTEN
   tcp        0      0 *.80             *.*              LISTEN
   tcp        0      0 1.1.1.1.10080    *.*              LISTEN
   tcp        0      0 1.1.1.1.23       *.*              LISTEN
   tcp        0      0 1.1.1.1.21       *.*              LISTEN
   tcp        0      0 127.0.0.1.25     *.*              LISTEN
   tcp        0      0 2.2.2.2.25       *.*              LISTEN
   tcp        0      0 1.1.1.1.25       *.*              LISTEN
   tcp        0      0 1.1.1.1.22       *.*              LISTEN
>> tcp        0      0 *.1021           *.*              LISTEN (???)
>> tcp        0      0 *.1022           *.*              LISTEN (???)
>> tcp        0      0 *.2049           *.*              LISTEN (NFS?)
>> tcp        0      0 *.1023           *.*              LISTEN (???)
>> tcp        0      0 *.111            *.*              LISTEN (PortMapper?)
   udp        0      0 127.0.0.1.123    *.*
   udp        0      0 1.1.1.1.123      *.*
   udp        0      0 127.0.0.1.514    *.*
>> udp        0      0 *.1020           *.*              (???)
>> udp        0      0 *.1021           *.*              (???)
>> udp        0      0 *.2049           *.*              (NFS?)
>> udp        0      0 *.1022           *.*              (???)
>> udp        0      0 *.1023           *.*              (???)
>> udp        0      0 *.111            *.*              (PortMapper?)
Thank you
Scott...
