Are my open ports vulnerable to attacks?
I was reading an o'reillys book concerning linux when I found the command "lsof -i", in which I found some interest stuff and tried to scan my ip (not localhost ofcourse) with nmap.
It gave me this > Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-28 20:19 EET Interesting ports on *.ath.spark.net.gr (195.*.*.*): (The 65530 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 111/tcp open rpcbind 631/tcp open ipp 765/tcp open webster 2049/tcp open nfs 32768/tcp open unknown Nmap finished: 1 IP address (1 host up) scanned in 9.183 seconds I would like to ask, since I am not a network guru(or a guru of anything) what are these open ports and if I am vulnerable to anything. Actually I don't know what is ipp and webster. As for nfs, since it concerns local network why is that open to the internet?I think I should do something about it. And last open port unkown I think it's lime-wire, but I didn't launch the application at all when I scanned my ports.(dammit commercial products) Would appreciate any reply at all. |
You can view /etc/services file to view all ports and the services they offer.
|
I've already checked that and I feel kind lame for saying that, but it didn't have any helpful comments, I could just google it but I thought someone would post a one line description about these services.
Anyway I'll check it it when I get home |
Re: Are my open ports vulnerable to attacks?
Quote:
Quote:
Otherwise USE ipatbles for blocking the unauthorised acccess to these ports. |
Thank you very much for the reply amitsharma_26.
I didn't knew that I could #comment the ports on /etc/services and I was searching through /etc/rc.d/ to stop it on boot but suse really is hard to configure from the console(I really start to lean in slack). As for ipp no. So I should really stop this service. Thanks again |
tripwire, rkhunter and you will learn to hijack this!
Send your server-Ip to some hackers and you know ! :scratch: |
Port 631 is used by CUPS and is the printing service. So if you do not print anything from linux then you can turn it off.
/etc/services is a file used by xinetd. AFAIK commenting out lines in this file will not block ports or services. |
/etc/services is used by C functions getservbyname/getservbyport to translate numerical port number into text (23<->telnet)
So editing this file does not block any port. Are you using nfs (network file server for sharing disks over network)? if not, disable it as well as portmap (111) There used to be some security problems with portmap. As stated, rkhunter, tripwire, samhain can be useful. |
Quote:
@vangelis Quote:
After tht you can cross-check & close the services which are not usefull for your working scenario or which are vulnerable. Quote:
Quote:
|
All times are GMT -5. The time now is 02:54 PM. |