scan port at 111 is open....
the mention port below is found to be open at scan.sygate.com Should I panic now?
SUNRPC 111 OPEN Often used by SUN and Unix machines for Remote Procedure Calls. |
No, you should ask yourself if you need to provide r-services (RPC/NFS/NIS) to others. If not, close down those ports by I. adding a rule to your firewall, II. stop the rpc daemon and III. deinstall the packages (portmap.* nfs.*) and remove their configs (also look into xinted while you're at it), else try to tighten access by reading this for example.
|
well there's really hell lots of stuff. What I really need now, is to shutoff all port except those i only need like port 80? any suggestions?
|
Reviewing and adding firewall rules and adding rules for TCP-wrapped services will help stop ppl accessing services you don't want them to are good but remedial to say the least. What you "really need now" is to review what networked daemons you have running/installed on your system you don't use *now*. Look up tldp.org/ www.ibiblio.org/ google the net for "Securing Optimizing Linux RH Edition".
--- For more docs search (google/linuxdoc.org) for/check out: CERT's Techtips, especially the "UNIX Computer Security Checklist", CERT, root compromise, part F, LASG: Linux Administrator's Security Guide, Security Quick-Start HOWTO for Linux, Armoring Linux, SAG: The Linux System Administrator's Guide, The SANS Reading room: Linux issues, Bastille Linux Hardening System, Elementary security for your Linux box, Securityfocus.com vulnerabilities by Bugtraq/CVE ID, CERT, Sans Reading Room, SecFocus UNIX, LinuxSecurity.com, ISS, The rest of my security reference list is in the second reply here: "possibly a dumb(..)". |
what in the world is "oibiblio"?
|
Uh. Ment http://www.ibiblio.org/ :-]
|
All times are GMT -5. The time now is 04:31 AM. |