Thanks guys,
what i'm trying to do is make my server as sercue as possible.
I have my server hooked up to a ADSL unit and port 80 is the only one open.
so it should be safe.
but when i run nmap localhost
i get this
[root@www root]# nmap localhost
Starting nmap 3.48 (
http://www.insecure.org/nmap/ ) at 2003-11-27 20:27 WST
Interesting ports on
www.rockinghamgateway.com (127.0.0.1):
(The 1647 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
443/tcp open https
631/tcp open ipp
783/tcp open hp-alarm-mgr
3306/tcp open mysql
10000/tcp open snet-sensor-mgmt
Nmap run completed -- 1 IP address (1 host up) scanned in 2.751 seconds
and then if i run the IP eth0 #nmap 10.1.1.9
Starting nmap 3.48 (
http://www.insecure.org/nmap/ ) at 2003-11-27 20:34 WST
Interesting ports on 10.1.1.9:
(The 1650 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp <---- IS FTP
22/tcp open ssh <----sshd
80/tcp open http <-----Apache webserver
111/tcp open rpcbind <-----I think its portmapper
443/tcp open https <---sercue webserver
3306/tcp open mysql <---- is mysqld
10000/tcp open snet-sensor-mgmt <--- is this webmin ???
Nmap run completed -- 1 IP address (1 host up) scanned in 23.011 seconds
Iceman47 ,so your saying to do it like this ?
Then stop them:
/sbin/service <rpcbind> stop (for RH compatible I believe)
/etc/init.d/<rpcbind> stop (the rest?)
My OS is Fedora Core 1 running just a shell no GUI, i have startx working
and most of my setup is done..apart from blocking ports
I am at a lost to this...the main ones i would be looking to block is port 111,783,631....
As i am a new user i dont know alot about it!
can any one explanie this in simple terms. as in do i need to block or dont I need to block any ?
tommytomato