Re: [plug] Disabling unused services

Sun, 12 Dec 2004 19:19:48 -0800 

Have you tried setting msec level to 5? or install mandrake using
paranoid setting. Install via expert method.  Then allow only allow
port 80.


On Sun, 12 Dec 2004 01:07:35 +0800, Prem Vilas Fortran Rara
<[EMAIL PROTECTED]> wrote:
> Newbie here. I am setting up a webserver. The sysad requires me to
> disable unused ports (services) to minimize risk. I used nmap to scan
> tcp ports and then a local tool (in Mandrake) to disable unused
> services. Sysad tells me some UDP ports are still open. What tool did
> he use to scan them? He listed the following:
> 
>  UDP ports - 23 open ports
>         39 [ RLP => Resource Location Protocol ]
>         42 [ Name => Name Server ]
>         43 [ whois ]
>         53 [ DNS => Domain Name Server ]
>         67 [ bootps => Bootstrap Protocol Server ]
>         68 [ bootpc => Bootstrap Protocol Client ]
>         69 [ TFTP => Trivial File Transfer Protocol ]
>         88 [ Kerberos 5 ]
>         111 [ RPC => SUN Remote Procedure Call ]
>         123 [ NTP => Network Time Protocol ]
>         143 [ imap => Internet Message Access Protocol ]
>         161 [ SNMP => Simple Network Management Protocol ]
>         162 [ SNMP trap ]
>         514 [ syslog ]
>         517 [ talk ]
>         520 [ router => Router routed RIPv.1, RIPv.2 ]
>         749 [ Kerberos Administration ]
>         1167 [ phone => Conference calling ]
>         1433 [ ms-sql-s => Microsoft SQL Server ]
>         1434 [ ms-sql-m => Microsoft SQL Monitor ]
>         1512 [ wins => Microsoft Windows Internet Name Service ]
>         1900 [ ssdp => Simple Service Discovery Protocol ]
>         2049 [ nfsd => Network File System daemon ]
> 
> How can I close these ports? Can you recommend a good reading (online)
> that talks about hardening servers. Thank you.
> --
> Philippine Linux Users' Group (PLUG) Mailing List
> [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
> Official Website: http://plug.linux.org.ph
> Searchable Archives: http://marc.free.net.ph
> .
> To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
> .
> Are you a Linux newbie? To join the newbie list, go to
> http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
>
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie

Reply via email to