> I have a newly built Dell PowerEdge Server and now have ports open I can't > explain clearly to government management. .
> Active Connections > Proto Local Address Foreign Address State > TCP 0.0.0.0:111 0.0.0.0:0 LISTENING portmap. If you don't use rpc, kill it. > TCP 0.0.0.0:135 0.0.0.0:0 LISTENING > TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 445 is pretty common on 2k servers; like 137-139 on 9x boxen. 135 is MS' RPC... > TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING > TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING ... > TCP 0.0.0.0:1311 0.0.0.0:0 LISTENING These are all open connections to localhost. (see http://www.robertgraham.com/pubs/firewall-seen.html#1.1) > TCP 0.0.0.0:3372 0.0.0.0:0 LISTENING > TCP 0.0.0.0:8000 0.0.0.0:0 LISTENING MSDTC and iRDMI? I'm sure one of the other posts'll be able to help you with these two. -G_E
