137/138 are Samba ports used for filesharing with windows boxes. 2049 is NFS (another file sharing protocol). None of those are standard. I'm not sure if you just have a bunch of servers running that you aren't aware of or if the windows port scanner just sucks. Could you do: netstat -pantu on the Linux box and post the output. Also do lsof -i as well (if lsof is installed that is) and make sure it agrees with the netstat output.

I would like to compliment all of you on an excellent & informative discussion, I learned a lot from it. I can think of several places from which I might link to this thread.

I would also like to compliment all of you on the excellence of your English, even though I strongly suspect it is not your native language in several cases. I see many native speakers who could take lessons here.

The following is cultural observation, it reflects what I observe to be the attitudes here in Houston (TX, USA) at HLUG, I don't even think they have any "theological" truth to them.

1. The "major" distros are held to be:
   • Slackware
   • Debian
   • Red Hat/Fedora Core
   • Mandrake
   • SuSE
2. Above order reflects the perceived "macho factor" pecking order.

This is not the place for a discussion of the merits of this list or the order it is in, please don't be side tracked from my point: If Slackware really is more difficult than Debian & Markie has completed a course in Debian, should he strongly consider changing to it now? I use Debian Woody for my servers, because the most knowledgeable GNU/Linux people I know recommend it for that use. I find it works great on older hardware & of course I love apt-get.

Going with a linux distro that you are more knowledgable with will decrease the "learning curve" and make you less likely to make a configuration mistake that could compromise your systems security. Of course there is also the added factor of whether or not you like the way a certain linux distro "feels", which personally I think as an important part. As far as a "pecking-order", I think they are mostly garbage that people use to make themselves feel better about not being hugged as a child or whatever other psychological insecurities they harbor. Truth is that there is very little difference between distros if properly secured and the majority of the differences will be in system management tools (package management, system config utils, etc). Personally I'd argue that SuSE installed with the "minimal option" would be more secure than Slack with everything installed.

Hi Capt_Caveman!

O.K., I did have Samba installed and I had it set up so it would have to be manually started every time. Right now I can't remember if I had started it before doing the portscan or not. I thought I didn't but the portscan says otherwise.
As to the NFS protocol (2049), I *know* I didn't start that manually. Probably it was installed because I just installed the entire network package collection of Slackware. What suprises me is that it's running when I don't even know what it is, let alone how to start it.
Could it be this auto-starts by default when installed with Slackware 9.1? If so, that wouldn't be very secure.

As to the windows-port-scanner sucking, that's possible to.
When scanning the same linux box on another day, it seemed like all the open ports where like one or two numbers higher...
Giving totally different corresponding services of course... Weird huh?

Sorry, I can't do netstat -pantu or lsof -i anymore.
The hard disk is formated and busily in use with another OS now...
:-/


Hi archtoad5,

Thanks for the compliment on this thread... :-)
Capt_Caveman and others certainly made this thread valuable! :-)

But I DO like Slackware. They have one of the most wonderfull and complete documentations, especially for "newbies".
(They explain a lot of standard UNIX stuff... *GREAT* :-)))
I also like Debian, as long as it doesn't already generate errors during a default install... ;-) (But maybe I've just got a corrupt download too...?)

Anyway, I'm digging in way deeper into security now, bought a few books (just need to read em too now... ;-), some extra hardware and I won't set up another web server without intrusion detection and security stuff INSIDE my LAN, even behind my firewall.

Security isn't really fun. Not as fun as serving web files / gaming / downloading or programming.
But once you've been hacked / or rather "cracked" that really changes your motivation on digging in on security stuff.

Greetings to all,
Markie