<quote who="wsa">
> Hi,
> My questions,
> Why are those last 3 ports open?
use lsof or fuser to determine what PID has that port open.

fuser -n udp PORT_NUMBER
fuser -n tcp PORT_NUMBER
lsof | grep LISTEN (shows TCP listening processes)
lsof | grep UDP (shows UDP listening processes)

> i've looked around in the rcx.d directories and init.d but i could
> find nothing about LDAP...so why is this even running?

maybe it's a bug in the remote scanner ..if fuser or lsof shows nothing then nothing is there.

> And is there any reason not to block those ports with a few extra
> rules? And..if someone can find the time to look over the rules in
> that script...is it a decent and safe script?:)

if you don't need them, block them yes. it would be even better to shut the software that is using them down totally if you are not going to use it (or remove it totally).

i recommend doing a nmap scan of yourself and build the firewall script accordingly (from scratch). what i do:

nmap -sS -P0 -p 1-65535 YOUR_REAL_IP_HERE
nmap -sU -P0 -p 1-65535 YOUR_REAL_IP_HERE

nate
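
Added example, not part of the original post: a way to check the "if fuser or lsof shows nothing then nothing is there" point by comparing the ports a remote scan reported with the sockets the kernel holds in LISTEN state. The function names, the sample table and the port numbers are constructed for illustration; it reads the Linux /proc/net/tcp layout (IPv4 TCP only).

```shell
#!/bin/sh
# Constructed sample in /proc/net/tcp layout (not captured from a real host).
# Field 2 is local_address as HEXIP:HEXPORT, field 4 is the state; 0A = LISTEN.
SAMPLE_PROC_NET_TCP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1302 1 0000000000000000 100 0 0 10 0
   2: 0A00000A:0016 0A000002:C350 01 00000000:00000000 02:000A0B0C 00000000     0        0 1403 4 0000000000000000 20 4 30 10 -1'

# listening_ports: read /proc/net/tcp-style text on stdin and print one
# decimal port per line for sockets in LISTEN state, sorted and de-duplicated.
listening_ports() {
    awk '
        # Portable hex-to-decimal (strtonum is gawk-only).
        function hex2dec(h,    i, n) {
            n = 0
            h = toupper(h)
            for (i = 1; i <= length(h); i++)
                n = n * 16 + index("0123456789ABCDEF", substr(h, i, 1)) - 1
            return n
        }
        # Skip the header; keep only rows whose state column is 0A (LISTEN).
        NR > 1 && $4 == "0A" {
            split($2, addr, ":")
            print hex2dec(addr[2])
        }
    ' | sort -n -u
}

# unexplained_ports: arguments are the ports the scanner reported as open,
# stdin is /proc/net/tcp-style text. Prints each reported port that has no
# local listener, i.e. a candidate scanner false positive or a port answered
# by some other device in the path.
unexplained_ports() {
    listeners=$(listening_ports)
    for p in "$@"; do
        echo "$listeners" | grep -qx "$p" || echo "$p"
    done
}

# Demo on the constructed sample: the scanner claimed 22, 25 and 389.
printf '%s\n' "$SAMPLE_PROC_NET_TCP" | unexplained_ports 22 25 389
```

On a live Linux host the same check is `unexplained_ports 22 25 389 < /proc/net/tcp`; IPv6 and UDP sockets live in separate /proc/net files and are not covered here.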