> >On Thu, Dec 15, 2005 at 12:35:09PM +0000, kevin bailey wrote: >} hi, >} >} these ports seem to be open by default on a standard sarge setup >} >} PORT STATE SERVICE >} 9/tcp open discard
Useless. Turn it off. will do } 13/tcp open daytime Useless. Time in text format, without a timezone. Off. ok } 21/tcp open ftp Off. Security hole if passwords are sent, they aren't encrypted. will be trying to move to SFTP } 22/tcp open ssh I move to another port number to foil port scanners. good idea } 25/tcp open smtp I run postfix for my mailserver. Much simpiler than exim. i have actually switched to courier for this server because i was able to set up virtual domains i have used postfix for other clients and will be moving to it now because it handles virtual domains and i simply prefer it. } 37/tcp open time Can be turned off, but I leave it on and change the user from root to nobody. I am a public ntp server and many people like to use this time service also. "rdate" gets the time from this service. will turn off } 110/tcp open pop3 I firewall this off from the outside. I don't want passwords being passed to this from the outside. they are virtual accounts which are probably left by the users all over the place - there's not much i can do to protect these passwords - but at least they are not system accounts } 111/tcp open rpcbind Do NOT leave this one open. will do. } 143/tcp open imap You probably don't need this AND pop 110. I don't run this. } 1720/tcp filtered H.323/Q.931 Don't know what this is. But I don't have it. seems like it may be due to demon stopping VOIP traffic. thanks for your help,, kev -- E Frank Ball [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
