also @ TechSpot: Toshiba abandons netbook market in US, focuses on Ultrabooks instead

TechSpot

Is my Redhat 9 safe with all this ports Open?

Discussion in 'The Alternative OS' started by novkhan, May 12, 2004.

Thread Status:
Not open for further replies.

  1. novkhan Newcomer, in training

    Is my Redhat 9 safe with all this ports Open?

    Goodday.

    I have a Aztech 4 port router a RH9 behind it.

    I did a NMAP on the Router and i got this results:

    Interesting ports on
    adslXXX.dynXXX.pacific.net.sg (210.24.XXX.XXX.):

    (The 1599 ports scanned but not shown below are in state: closed)
    Port State Service
    80/tcp open http
    255/tcp open unknown

    Are this ports safe or do i have to close them.

    And i did a NMAP scan on my RH9

    Interesting ports on (10.0.0.X):
    (The 1594 ports scanned but not shown below are in state: closed)
    Port State Service
    22/tcp open ssh
    80/tcp open http
    111/tcp open sunrpc
    139/tcp open netbios-ssn
    443/tcp open https
    901/tcp open samba-swat
    6000/tcp open X11

    By the way i have amule running, i wonder if the ports are reflected here.

    Please advise on what uncessary port i have to close to secure my PC .
    Thanks.
    Oh yah... Additional info I am also sharing files between my RH9 and Win 2000.
    :)
    novkhan, May 12, 2004
    #1

  2. Nodsu Newcomer, in training

    Someone move this post to alternative OS or networking and I'll answer..
    Nodsu, May 12, 2004
    #2

  3. Nodsu Newcomer, in training

    Unless you have forwarded the ports 80 and 255 on the router knowingly then those open ports are Very Bad.

    Your router should drop everything you haven't explicitly allowed. If your router supports uPnP turn it off! Check for suspicious apps on your computers. If your router is configurable through a web interface, make sure the router only allows configuring from the local network!

    As for the ports open on Linux machine.. It is the services you have allowed yourself. None of them are a vulnerability since the default settings of RedHat are rather secure and your router should take care of most attack attempts.

    SSH (in the form of sshd running on your machine) is a good and handy thing. Secure SHell is (as the name implies) a secure way to administer your machine remotely.

    HTTP (80) and HTTPS (443) are most likely Apache you installed but forgot to disable. If you don't have any plans to run a webserver then just disable the httpd service.

    Sun RPC is most likely NFS you installed. You have no use for this since your other machine is Windows and you are already using Samba. Disable the NFS service.

    139 is your Samba.

    Port 601 is the Web interface to Samba. If you prefer point and click to messing around in smb.conf then leave it running. You router should protect you from any hacking attempts.

    Port 6000 is the X server. No way to turn it off unless you are willing to run command line only.
    Nodsu, May 12, 2004
    #3

  4. novkhan Newcomer, in training

    THANKYOU!
    novkhan, May 12, 2004
    #4

  5. Mictlantecuhtli TS Special Forces

    Mictlantecuhtli, May 13, 2004
    #5
Thread Status:
Not open for further replies.