[Voyage-linux] Open TCP Ports
Robert Rawlins - Think Blue
(spam-protected)
Tue May 19 18:56:04 HKT 2009
Hello Guys,
I've just been studying my build here with netstat and found a few ports
which are listening and I'm not convinced that they should be ;-)
tcp 0 0 0.0.0.0:68 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.64:35760 192.168.1.66:83
TIME_WAIT
tcp 0 0 192.168.1.64:35762 192.168.1.66:83
TIME_WAIT
tcp 0 0 192.168.1.64:35757 192.168.1.66:83
TIME_WAIT
tcp 0 0 192.168.1.64:35758 192.168.1.66:83
TIME_WAIT
tcp 0 0 192.168.1.64:35759 192.168.1.66:83
TIME_WAIT
tcp 0 0 192.168.1.64:35761 192.168.1.66:83
TIME_WAIT
tcp6 0 0 :::53 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 1128 ::ffff:192.168.1.64:22 ::ffff:192.168.1.:51880
ESTABLISHED
tcp6 0 0 ::ffff:192.168.1.64:22 ::ffff:192.168.1.:51877
ESTABLISHED
Now, I see the established :22 connections at the bottom, these are quite
expected, also the outbound connections on :63 to my test server, again I
would expect these. However, :68, :111, :53, :1723 are all unknown to me. Do
you recognise what any of these are for?
Generally speaking I only require outside access to port 22, no other ports
should be needed, is that correct? Or are some of these other ports required
for vital services that I'm just not aware of?
Can you guys recommend the best way to get these closed up? Just helps
eliminate the vulnerabilities.
Thanks,
Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.voyage.hk/pipermail/voyage-linux/attachments/20090519/1f6be238/attachment-0002.html>
More information about the Voyage-linux
mailing list