Hi All, I am exploring locking down an OpenBSD 6.0 server running on a Thinkpad w510 with an i7-q720 processor.
I believe I have turned off everything except dhcp and sshd. When I run a netstat I don't see any services running. I have set everything =NO in the rc.conf.local (except dhcp and ssh). However, when I port scan the machine I still see UDP ports 623 and 4500 open.

I found this article that recommended disabling it using mobike=NO in ipsec.conf, but I cannot find anything in the man page; I tried it anyway and there was no change. Any thoughts or ideas?

Below are the port scan and the netstat from the server:

Starting Nmap 7.01 ( https://nmap.org ) at 2016-11-15 21:28 PST
Nmap scan report for 192.168.0.127
Host is up (0.0042s latency).
Not shown: 998 closed ports
PORT     STATE         SERVICE
623/udp  open|filtered asf-rmcp
4500/udp open|filtered nat-t-ike
MAC Address: F0:DE:F1:48:D2:10 (Wistron InfoComm (Kunshan)Co)

Nmap done: 1 IP address (1 host up) scanned in 173.95 seconds

# netstat -a
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)
ip           0      0  *.*                    *.*                    17
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp          0      0  192.168.0.127.ssh      192.168.0.112.33356    ESTABLISHED
tcp          0      0  *.ssh                  *.*                    LISTEN
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp6         0      0  *.ssh                  *.*                    LISTEN
Active UNIX domain sockets
Address            Type   Recv-Q Send-Q Inode Conn               Refs Nextref Addr
0xffff8000003a2b00 stream      0      0 0x0   0xffff8000003a2b80 0x0  0x0
0xffff8000005d4800 stream      0      0 0x0   0xffff8000005d4200 0x0  0x0
0xffff8000005d4200 stream      0      0 0x0   0xffff8000005d4800 0x0  0x0
0xffff8000003a2b80 stream      0      0 0x0   0xffff8000003a2b00 0x0  0x0
#