Need help with securing open ports
The situation: I have one machine connected to the inet acting as a firewall/webserver/email server/ssh server and one machine inside that firewall. Since I don't have access to another machine outside my firewall that I can install nmap on, I installed it on the machine behind the firewall and the server itself. Now I have run a port scan on the server from the comp inside the firewall and I get the following:
Port State Service
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open sunrpc
443/tcp open https
I expect ssh, smtp, and http. I am not sure I should expect https (I don't have any secure content on the webserver) or domain (used for dhcp?), and I have no clue what sunrpc is for. I have tried checking and making sure that I don't have these services running (using service -s) and I don't see any mention of sunrpc except in the iptables output. Basically I just want to know what I should close down to make my machine more secure.
Thanks for any help!