• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 244
  • Last Modified:

Open Ports

Hi,
I did a port scan of my computer (Mandrake 8.0) and found these ports to be open.

22-ssh
25-smtp
111-sunrpc
617-unknown
631-unknown
6000-X11
32770-sometimes-rpc3
0
zxcvzxcv
Asked:
zxcvzxcv
1 Solution
 
zxcvzxcvAuthor Commented:
Which of these do I really need open?
0
 
dkloesCommented:
ssh has functionality similar to rlogin, rsh, rcp but uses encryption to provide more security
rpc is used primarily for nfs
smtp is used for mail transport
X11 is used for X Windows

Which of these you do not need depends on how your system is setup and what your requirements are.  Experts will need more information about your system to provide any further guidance.
0
 
kannabisCommented:
the sunrpc port is one of the biggest security vulnerabilities.  If you have this system connected to the internet without a firewall...then if would definatly shut that port down.

0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
zxcvzxcvAuthor Commented:
Sorry for the lack of detail. I use ssh and X11. I just used msec (Mandrake Security tool) to up my security to server level and then back to normal level. This has closed off all ports but ssh and X11 (I uninstalled the SMTP mail server) Should any of the other ports be re-exposed to the internet? Why does the X Windowing system open a TCP port, does this need to be accessable to the world or just the machine internally?
0
 
garisoainCommented:
Can be Both...

The X-Server listens on the port, and IF YOU ALLOW (via the "rhost" command) other addresses, they can display their applications on YOUR screen... =)

Access to this service is managed via the "rhost" (again) command, by default, only localhost, and the user that started the server are allowed to send applications to the X server.

It's a great feature on X11... =)

=)
-garisoain

0
 
zxcvzxcvAuthor Commented:
So If my only uses for X11 are local (and remote through a vnc server). Do I need this port open or closed
0
 
garisoainCommented:
open...

the default security for that port is pretty good...

-garisoain
0
 
zxcvzxcvAuthor Commented:
Is there a way to close off a port from the internet, without un-installing the software that's using that port, and with out using a super restrictive fire wall?
0
 
garisoainCommented:
if you need only to close the port from the interntet, ipchains/iptables will do the job.

if your kernel is 2.2.x : man ipchains
if your kernel is 2.4.x: man iptables

hope this helps
-garisoain
0
 
zxcvzxcvAuthor Commented:
thanks
0
 
zxcvzxcvAuthor Commented:
how can I get to that under Mandrake 8.0? (kernel 2.4.3)
No manual entry for iptables. the iptables command doesn't do anything either.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now