Port 67 (bootPC) & 68 (bootPS) open by default -- why?
 

Hi all,

After installing Fedora Core 3, I ran the port detection diagnostic test Shields UP at grc.com. During the installation, I had chosen not to install any servers and open their corresponding default ports, and none were open, but Shields UP did find two other open ports, 67 (bootPC) and 68 (bootPS). I am just wondering why they are open by default and if there is any reason not to block them manually using Firestarter.

Thanks for your time and have a nice day.

you can block the two ports shown above.
The bootP* ports are services which can be turned off or be blocked on workstations.

Re: Port 67 (bootPC) & 68 (bootPS) open by default -- why?
 

Depends on how your system is getting an IP address assigned. If your setup uses the bootp protocol to get an IP address, then turning it off will likely cause connectivity loss. However protocols like bootp and dhcp should absolutely not be open to general public access. Usually you can firewall the bootpc ports to only accept incoming traffic from the bootp/dhcp server (which is usually your ISP or most soho routers (linksys, dlink,etc) will use bootpc as well). If your system has a static IP that isn't assigned, then you likely don't need it.