Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-08-2000, 01:31 PM   #1
LQ Newbie
Registered: Nov 2000
Location: Quebec city, Canada
Posts: 2

Rep: Reputation: 0

Hi everybody,

I would like to know which port I have to close to be secure when I am connecting to the Net with my ppp0 connexion. I already run a Firewall: Ipchains but I use nmap and I find the following ports opened:

Starting nmap V. 2.53 by ( )
Interesting ports on localhost (
(The 1495 ports scanned but not shown below are in state: closed)
Port State Service Owner
1/tcp open tcpmux root
7/tcp open echo root
9/tcp open discard root
11/tcp open systat root
15/tcp open netstat root
21/tcp open ftp root
23/tcp open telnet root
37/tcp open time root
79/tcp open finger root
113/tcp open auth nobody
119/tcp open nntp root
138/tcp open netbios-dgm root
139/tcp open netbios-ssn root
512/tcp open exec root
515/tcp open printer root
540/tcp open uucp root
1512/tcp open wins yvesbis
2000/tcp open callbook root
2001/tcp open dc root
6000/tcp open X11 root
6001/tcp open X11:1 root
6667/tcp open irc root
12345/tcp open NetBus root
31337/tcp open Elite root
32771/tcp open sometimes-rpc5 root
32772/tcp open sometimes-rpc7 root
32773/tcp open sometimes-rpc9 root
32774/tcp open sometimes-rpc11 root

Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds

I am looking to close all the ports but I want to be able to login to my linux box too.

I start my linux box on runlevel 5 with gdm + gnome on Redhat 6.2 AMD-K6-II i586
Old 11-11-2000, 08:20 PM   #2
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,174

Rep: Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801Reputation: 3801
You should really have ALL unused ports closed. The fact that 12345 and 31337 are open makes me very suspicious. You may want to look around very closely - You may already have an intruder! Also, if you want to do remote logins you should really use ssh.
Old 11-13-2000, 08:24 AM   #3
LQ Newbie
Registered: Nov 2000
Location: Quebec city, Canada
Posts: 2

Original Poster
Rep: Reputation: 0
linux ports

For the ports opened: 31xxx I run Fakebo and I already use ssh.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
The Most Secure Linux System Is Embedded Linux That's Jumpered t3gah Linux - Security 2 06-12-2005 09:49 PM
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 5 04-07-2005 05:12 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 02:39 PM
boot options: linux-secure, linux-nonfb etc Li-Wen Linux - General 1 01-17-2004 03:14 PM
need to close ports to secure machine VioLaToR Linux - Networking 4 05-06-2003 05:42 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:25 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration