It also depends on the version you run. Here is what I have:
radius 1645/udp
securid 5500/udp
securidprop 5510/tcp
sdlog 5520/tcp
sdserv 5530/tcp
sdadmind 5550/tcp
sdreport 5540/tcp
sdxauthd 5540/udp
Before 3.x you had just 5500/udp and 5510/tcp (the first is authentication,
the second is slave sync). Roughly in 3 or 3.3 they added a bunch of new
services. But, none of them are in /etc/inetd.conf, and none of them rely
on .rhosts.
-----Original Message-----
From: McEwen, Don (NCI) [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 08, 2001 7:56 AM
To: 'Ng, Kenneth (US)'; 'Sun Young Geun\(???\)';
[EMAIL PROTECTED]
Subject: RE: [question] ACE/SERVER and security
If I remember correctly, there are 2 ports that the ACE server will
require. One is to validate tokens, and the other
if you have a slave. Look at the install document for the ports and the
names, or you can just look at the inetd.conf
file and I believe they are self evident.
Don
-----Original Message-----
From: Ng, Kenneth (US) [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 08, 2001 12:25 AM
To: 'Sun Young Geun\(???\)'; [EMAIL PROTECTED]
Subject: RE: [question] ACE/SERVER and security
If no one will acknowledge putting in that .rhosts entry, you must assume
that your machine has been compromised and that all of your tokens are
probably compromised. Format the disks and install from installation
tapes. Assume that anything on backups is contaminated. Start a plan to
replace all the tokens in the field.
Telnet services still risk exposing the root password if you come in as
root or su to root. A better way is to use ssh to encrypt the data stream.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Sunday, January 07, 2001 8:24 PM
To: [EMAIL PROTECTED]
Subject: [question] ACE/SERVER and security
I'm operating ACE/SERVER.
ACE/server is configured master and slave.
I have some question about security.
1. I found something in .rhosts file like that.
#cat .rhosts
++
Do they use r-command when master and slave communicate each other?
If not, is there any problem whithout .rhosts file?
I want to delete .rhosts file because it is very vulnarable in securtiy.
2. I want to comment all services except for telnet service.
The inetd.conf file allows services.
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
