Hello
I ma mandriva 2008.0 Linux system
Before few days My IP get blacklisted
I am new in linux & don't know how to analysis this problem
plz help me to sort out this problem.
My linux server is NAT server from which we are using internet to other m/c, qmail server is there but it is for local use within subnet only.
This is my nmap output, plz help me to analysis this issue & guide what port need to close to avoid any attacks or spams.
tarting Nmap 4.20 (
http://insecure.org ) at 2009-04-08 17:56 IST
Initiating SYN Stealth Scan at 17:56
Scanning livetekindia.com (192.168.10.2) [1697 ports]
Discovered open port 22/tcp on 192.168.10.2
Discovered open port 21/tcp on 192.168.10.2
Discovered open port 53/tcp on 192.168.10.2
Discovered open port 23/tcp on 192.168.10.2
Discovered open port 25/tcp on 192.168.10.2
Discovered open port 443/tcp on 192.168.10.2
Discovered open port 80/tcp on 192.168.10.2
Discovered open port 106/tcp on 192.168.10.2
Discovered open port 3128/tcp on 192.168.10.2
Discovered open port 993/tcp on 192.168.10.2
Discovered open port 445/tcp on 192.168.10.2
Discovered open port 6000/tcp on 192.168.10.2
Discovered open port 143/tcp on 192.168.10.2
Discovered open port 8080/tcp on 192.168.10.2
Discovered open port 110/tcp on 192.168.10.2
Discovered open port 139/tcp on 192.168.10.2
Discovered open port 1241/tcp on 192.168.10.2
Completed SYN Stealth Scan at 17:56, 0.11s elapsed (1697 total ports)
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD 1.3.2
22/tcp open ssh OpenSSH 4.7 (protocol 2.0)
23/tcp open telnet BSD-derived telnetd
25/tcp open smtp qmail smtpd
53/tcp open domain ISC Bind dnsmasq-2.39
80/tcp open http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))
106/tcp open tcpwrapped
110/tcp open pop3 qmail pop3d
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: LINUXRT)
143/tcp open imap Courier Imapd (released 2005)
443/tcp open ssl/http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: LINUXRT)
993/tcp open ssl/imap Courier Imapd (released 2005)
1241/tcp open ssl/unknown
3128/tcp open http-proxy Squid webproxy 2.6.STABLE16
6000/tcp open X11 (access denied)
8080/tcp open http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))