Christian Seiler wrote:
> Bill wrote:
> > what uses them and why shouldn't I close them?
> > (I'm assuming there must be a good reason to have wide open ports.)
It is debatable whether the old Sun RPC services should be installed
by default. I do use and manage NFS but I wouldn't install it by
de
On 05/09/2015 01:25 PM, Bill wrote:
> I'm still running wheezy but noticed a couple of open ports the other
> day. This is just a simple laptop - no nfs access needed, no need for a
> networked port mapper, and certainly not a dns server.
>
> So why are they there,
Well, Debian's policy for daemo
Hi Rutger,
> PORTSTATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 111/tcp open rpcbind
> 113/tcp open auth
> 903/tcp open iss-console-mgr
Before starting nmap, use netstat.
You can find out which program uses which port with
netstat -tulpen
for your in
port 111 will be used by rpc processes like NIS and NFS.
port 113 is identd, used to identify the "owner" of a connection.
port 903... I'm not sure.
If you box is up on the world. I would suggest making a iptables(or
equivilent) script that will block all but the wanted ports.
IE, having the
On 00:54 Wed 23 Nov , Rutger Wessels wrote:
> Hello,
>
> I administer a debian installation that is connected to the Internet.
> When I run nmap, I found the following:
> Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-23 00:29 CET
> Interesting ports on xx
> (The 1657
On Wed, 23 Nov 2005 00:54:13 +0100
Rutger Wessels <[EMAIL PROTECTED]> wrote:
> 113/tcp open auth
That's an 'ident' daemon I believe. _very_ primitive "security", some braindead
IRC networks require it to be running and doubtlessly other things will require
it too.
HTH
-ol
--
I will live for
Lo, on Wednesday, June 5, Paul Johnson did write:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
>
> > 9/tcp opendiscard
>
> Not sure myself...
Standard TCP service; routes everything written to that
On Wed, 2002-06-05 at 13:32, tvn1981 wrote:
>
> Hi, I have the following ports open and I am not sure what they are.
> Whether or not they are really needed. My other Linux box (rh) doesn't
> have these so I am wondering what these are in Debian
>
> 9/tcp opendiscard
On Wednesday 05 June 2002 02:57 pm, Paul Johnson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
> > 9/tcp opendiscard
>
> Not sure myself...
>
$ cat //etc/services| grep 9/tcp
discard 9/tcp sink n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jun 05, 2002 at 02:32:00PM -0400, tvn1981 wrote:
> 9/tcp opendiscard
Not sure myself...
> 13/tcp opendaytime
> 37/tcp opentime
On 5 Jun 2002, tvn1981 wrote:
>
> Hi, I have the following ports open and I am not sure what they are.
> Whether or not they are really needed. My other Linux box (rh) doesn't
> have these so I am wondering what these are in Debian
>
> 9/tcp opendiscard
> 13/tcp opendaytim
Under the netfilter model, this is known as DNAT (Destination NAT,
because it is the destination field of incoming packets that is being
rewritten).
you'll want something like the following:
iptables -t nat -A PREROUTING -d $extip -p tcp --dport 135 -j DNAT
--to-destination 192.168.1.1
(also se
> > > doing a search for -dport or -sport for source and destination ports
> > >
> > thank you for your reply, but I am not getting much wiser with this
> > document. I learn by examples. I was thinking about this:
> > iptables -A INPUT -i eth0 -d 212.127.10.10 -dport 135 -j ACCEPT
> > iptables -A
On Sat, Feb 17, 2001 at 10:46:40PM -0800, [EMAIL PROTECTED] wrote:
>
> the best way ive found to disable portmap is to rename /sbin/portmap
> to something else. there are so many different things that may call
> on it, its just easier for me to rename it then modify a bunch of
just make sure you
On Sat, Feb 17, 2001 at 11:13:52PM -0500, Glenn Becker wrote:
> Interesting ports on localhost (127.0.0.1):
> PortState Protocol Service
> 22 opentcpssh
> 25 opentcpsmtp
> 53 opentcpdomain
>
To quote Glenn Becker <[EMAIL PROTECTED]>,
#
# All,
#
# I have been trying to secure my Debian box, which enjoys a DSL
# connection. I've been going through /etc/inetd.conf, commenting out
# services, and K'ing others in the /etc/rc2.d/, until what I have left
is
# the following (output from nmap
>
> I am not using NFS or NIS, and I have started to hunt down
> how/where to turn
> off portmap.
>
> Hmmm...
>
> I check out things in /etc/init.d. Ahh... mountnfs.sh!
>
> But wait! I read through the script It shouldn't be on! There's
> nothing to turn it on.
>
You know, I should really
> Port 111 is the portmap daemon, used by NFS and NIS (anything else?).
> It doesn't look like you're using NFS or NIS (if so you'd have other
> ports open) so you can probably shut it off. If you do want to keep it
> on, it might be worth it to use something like ipchains or iptables to
> filter
On Fri, Jan 26, 2001 at 08:28:51AM -0600, Brooks R. Robinson wrote:
> machine, and I've come down to just a few open ports left that I have at
> least mild concern about. They are:
>
> 9 discard
> 13daytime
> 37time
> 111 sunrpc
>
> Now, I know that 9 will just throw away any
On Fri, Jan 26, 2001 at 08:28:51AM -0600, Brooks R. Robinson wrote:
> But what about 111? Something in my gut says that
> remote procedure call can't be all that good.
NIS and NFS need sunrpc (aka portmapper) running on the server, but you
should be able to shut it off if you're not using either
On Sun, Nov 21, 1999 at 10:58:16AM +0100, Jean-Yves BARBIER wrote:
> I was also returned an 'imap2' opened port??? I did not installed
> such a package (in fact it was purged long ago). Why is it still
> present?
Sorry, forget about this one, it was still opend by inetd.
JY
--
Jean-Yves F. Barbi
21 matches
Mail list logo
