On Sat, May 12, 2001 at 09:31:05PM -0700, Marisa Mack wrote:
>
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 23/tcp open telnet
> 25/tcp open smtp
> 80/tcp open http
> 110/tcp open pop-3
> 111/tcp open sunrpc
> 443/tcp open https
> 513/tcp open login
> 514/tcp open shell
> 635/tcp open unknown
> 1503/tcp open imtc-mcs
> 2040/tcp open lam
> 2049/tcp open nfs
> 3306/tcp open mysql
> 3333/tcp open dec-notes
> 5050/tcp open mmcc
> 9090/tcp open zeus-admin
For those not in the know, this kind of output is produced by the program nmap,
which determines which ports (which are used by network services) are open for
initial contact to the outside world.
Most will require a password to procede, however telnet and ftp accept clear
text password. Hence people relatively near to the machine can theorectical find
out the passwords by watching the network traffic a lot.
Some of these programs, depending on the version, should be shut down unless
you need them open and know how to use them.
Most notable are the sunrpc and nfs ports, probably run by the program called
portmap. This and name serving (port 53, which isn't open) have frequent
vulnerablities.
For reference, my computer has:
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
behind a firewall. netbios-ssn is only necessary if you use Windows's file
sharing protocol with the SAMBA utility. http is open because I use my machine
to test Apache configs and web pages, and ssh for access of course.
To be covered later in FAQ...
Mary.
--
Mary Gardiner
<[EMAIL PROTECTED]>
GPG Key ID: 77625870
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
