[Voyage-linux] Open TCP Ports

Kim-man 'Punky' TSE (spam-protected)
Tue May 19 19:18:41 HKT 2009 

Hi Robert,

Quick ans. give "-p" option to netstat will show you what processes 
listen to which port.

Regards,
Punky

Robert Rawlins - Think Blue wrote:
>
> Hello Guys,
>
> I’ve just been studying my build here with netstat and found a few 
> ports which are listening and I’m not convinced that they should be ;-)
>
> tcp 0 0 0.0.0.0:68 0.0.0.0:* LISTEN
>
> tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
>
> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
>
> tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
>
> tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN
>
> tcp 0 0 192.168.1.64:35760 192.168.1.66:83 TIME_WAIT
>
> tcp 0 0 192.168.1.64:35762 192.168.1.66:83 TIME_WAIT
>
> tcp 0 0 192.168.1.64:35757 192.168.1.66:83 TIME_WAIT
>
> tcp 0 0 192.168.1.64:35758 192.168.1.66:83 TIME_WAIT
>
> tcp 0 0 192.168.1.64:35759 192.168.1.66:83 TIME_WAIT
>
> tcp 0 0 192.168.1.64:35761 192.168.1.66:83 TIME_WAIT
>
> tcp6 0 0 :::53 :::* LISTEN
>
> tcp6 0 0 :::22 :::* LISTEN
>
> tcp6 0 1128 ::ffff:192.168.1.64:22 ::ffff:192.168.1.:51880 ESTABLISHED
>
> tcp6 0 0 ::ffff:192.168.1.64:22 ::ffff:192.168.1.:51877 ESTABLISHED
>
> Now, I see the established :22 connections at the bottom, these are 
> quite expected, also the outbound connections on :63 to my test 
> server, again I would expect these. However, :68, :111, :53, :1723 are 
> all unknown to me. Do you recognise what any of these are for?
>
> Generally speaking I only require outside access to port 22, no other 
> ports should be needed, is that correct? Or are some of these other 
> ports required for vital services that I’m just not aware of?
>
> Can you guys recommend the best way to get these closed up? Just helps 
> eliminate the vulnerabilities.
>
> Thanks,
>
> Robert
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Voyage-linux mailing list
> Voyage-linux at list.voyage.hk
> http://list.voyage.hk/mailman/listinfo/voyage-linux
>   


-- 
Regards,
Punky

Voyage Solutions (http://solution.voyage.hk)
* Embedded Solutions and Systems
  - Mesh Networking, Captive Portal, IP Surveillance, VoIP/PBX
  - Network Engineering, Development Platform and Consultation

More information about the Voyage-linux mailing list