LinuxQuestions.org
Old 06-09-2010, 02:03 PM   #1
alee
LQ Newbie
 
Registered: May 2008
Posts: 28

Rep: Reputation: 15
iptables - what are ports 111 and 514?


I have configured my firewall to let only EMAIL, HTTP/HTTPS and SSH traffic through to the web server. I used the following rules:

Code:
-A FORWARD -s 0/0 -i eth1 -d 192.168.1.10 -o eth0 -p TCP -m multiport --dports 80,443,110,22 -j ACCEPT

-A FORWARD -d 0/0 -o eth1 -s 192.168.1.10 -i eth0 -p TCP -m state --state ESTABLISHED -j ACCEPT
That is working fine. But when I scanned my 192.168.1.10 computer from another machine on an outside network, say 192.168.2.10, with the following nmap command:
Code:
nmap -sS -O 192.168.1.10
it showed me 2-3 extra ports which are open, i.e.
Code:
22
80
111
443
514
I don't know why 111, 514 are open. Can someone explain this?
 
Old 06-09-2010, 02:17 PM   #2
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157
I think it would depend on what rules you bind to your machine's interfaces. Your rules mention eth1. What about the other interfaces (if there are any)? I'd look at the services running on those ports and turn them off (they're obviously running).
 
Old 06-09-2010, 03:01 PM   #3
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by alee
what are ports 111 and 514?
For future reference, you can always check on the IANA-registered port numbers / services in /etc/services.

(Interestingly, nmap(1) does not actually query this file, though. It comes with its own list of port num / service mappings.)
 
1 members found this post helpful.
Old 06-09-2010, 03:20 PM   #4
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157
Quote:
Originally Posted by anomie
For future reference, you can always check on the IANA-registered port numbers / services in /etc/services.

(Interestingly, nmap(1) does not actually query this file, though. It comes with its own list of port num / service mappings.)
Yeah, that's what I did when I saw the post. To be frank, nmap's list is probably more accurate (although anyone can edit their /etc/services file to accurately reflect the proper services).
 
Old 06-10-2010, 12:12 AM   #5
alee
LQ Newbie
 
Registered: May 2008
Posts: 28

Original Poster
Rep: Reputation: 15
Hey, thanks guys. That helped. I realized that there were a few services already running. I looked for these ports in the given reference.
Thanks a lot.
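
An added example, not part of any post in this thread: it compares the TCP ports a server is listening on with the ports named in the first FORWARD rule above and names the extras from a services-format list. The `ss -ltn` output and the services excerpt are constructed samples, and all function names are hypothetical.

```shell
#!/usr/bin/env bash
# The thread's first rule (iptables-save syntax).
RULE='-A FORWARD -s 0/0 -i eth1 -d 192.168.1.10 -o eth0 -p TCP -m multiport --dports 80,443,110,22 -j ACCEPT'

# Constructed `ss -ltn` output for the server; live use: "$(ss -ltn)"
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
LISTEN 0      128    0.0.0.0:111        0.0.0.0:*
LISTEN 0      128    0.0.0.0:443        0.0.0.0:*
LISTEN 0      128    0.0.0.0:514        0.0.0.0:*'

# Constructed excerpt in /etc/services format; live use: "$(cat /etc/services)"
SAMPLE_SERVICES='ssh     22/tcp
http    80/tcp
pop3    110/tcp
sunrpc  111/tcp   portmapper
https   443/tcp
shell   514/tcp   cmd'

# Print the ports listed after --dports (or --dport), one per line.
allowed_ports() {
  printf '%s\n' "$1" | awk '{
    for (i = 1; i < NF; i++) if ($i == "--dports" || $i == "--dport") {
      n = split($(i + 1), p, ","); for (j = 1; j <= n; j++) print p[j] } }'
}

# Print listening TCP ports found in ss -ltn text, unique, in numeric order.
listening_ports() {
  printf '%s\n' "$1" | awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -nu
}

# Look up PORT/tcp in services-format text; print "unknown" if absent.
service_name() {
  printf '%s\n' "$2" | awk -v want="$1/tcp" '
    $1 !~ /^#/ && $2 == want { print $1; found = 1; exit }
    END { if (!found) print "unknown" }'
}

# Print "PORT NAME" for each listener the rule does not mention.
unexpected_listeners() {  # args: rule, ss text, services text
  local allowed port
  allowed=$(allowed_ports "$1")
  for port in $(listening_ports "$2"); do
    printf '%s\n' "$allowed" | grep -qx "$port" || echo "$port $(service_name "$port" "$3")"
  done
}

unexpected_listeners "$RULE" "$SAMPLE_SS" "$SAMPLE_SERVICES"
```

Port ranges in `--dports` (such as `1000:2000`) are not expanded by this sketch.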
 
  


All times are GMT -5.