On Wed, May 22, 2002 at 01:24:16PM +0800, Edward Dekkers wrote: > I've looked at: > > http://www.iana.org/assignments/port-numbers > > to find out about all the open ports I have, and I have a few questions if > someone cares to explain. This is mainly out of curiousity, but also I would > like to know about any vulnerabilities I may have. The following ports are > open, and I would like to know how necessary it is to close any of them.
Look at the /etc/services file on your system. It will give you an idea about the software using those ports: > Port 6 is unassigned - yet netstat shows it as listening. the -nap options > and lsof -i don't really tell me what it is doing. Any clue? > 111 - Sun Remote Procedure Call - This is required by portmap right? And > portmap is required for all RPC servers right? I'm assuming I need this? If you're suing NFS, yes. Otherwise switch off and remote portmap. It has been used to hack into systems. > 587 - Submission - ??? MSA, message submission protocol, like SMTP, but for use by dumb clients that do not know how to format email messages correctly. > 953 - is supposed to be unassigned but is listening - any ideas? RNDC - used by bind 9 - for controlling bind. > 1024 - supposed to be reserved but is listening? > 1026 - ditto > 2062 - ICG SWP Port - any ideas what this is? > 2084 - Unassigned but listening. Don't know those. > 3130 - ICPv2 - What is this? Internet cache protocol. Are you running squid? > I've run the numerous internet security scanning services, and according to > them, I'm OK for security. The above just has me a little stumped. > > Am I overly worried? (as per usual) It's always good to be worried. That's what makes sure you're alert to security issues :) Anyway, as someone recommeded, run "netstat -anp" as root to find out which program is listening to which port. -- Anand Buddhdev Personal site: http://anand.org _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
