Closing ports I see when I nmap ...

By mckilldj
Jul 25, 2005
  1. When I run nmap on my enterprise box I get a list of ports (see below). Sunrpc I presume is used for an NFS mount I have to another box, ncd-pref is also related to caching of the mount (I'm guessing) ... but what is sometimes-rpc3 and do I need it open? Also ... why is X11 open like that twice when I run X on another box and use it with vnc etc without having to leave a port open specifically for X11 or X11:4.

    Starting nmap V. 3.00 ( )
    Interesting ports on pblade2 (
    (The 1593 ports scanned but not shown below are in state: closed)
    Port State Service
    22/tcp open ssh
    80/tcp open http
    111/tcp open sunrpc
    443/tcp open https
    5977/tcp open ncd-pref-tcp
    6000/tcp open X11
    6004/tcp open X11:4
    32770/tcp open sometimes-rpc3

    I do appreciate your time and advice.

  2. ihameed

    What operating system are you using?

    If it's a BSD variant, try running:
    sockstat -4

    If it's a Linux machine, try:
    netstat -e --program
  3. Mictlantecuhtli

    Did you start X with the -nolisten tcp parameter?

    Read from here about port 32770. I'd say you should close it.
  4. jobeard

    documentation only:

    first: any port on can ONLY be accessed from within your system.
    Nothing on the internet can access this IP address.

    Port 111 is the original Portmap service for InterProcess communications and
    system-to-system service mapping. Unless you have specific software that
    needs this port open, you should disable it in /etc/services

    If you're running a Desktop like GNU, KDE, you need X11 to be running.

    Port 80 says you have a webserver active and port 22 is the SAFE
    alternative to Telnet and FTP. Again, close these services unless you need them.
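
Added example, not part of any post in this thread: a small parser that ties each listening port to its owning process and separates loopback-only listeners from ones reachable from other hosts, which is the information the netstat suggestion and the loopback remark above are after. It assumes the output format of `netstat -tlnp` (a numeric, listening-TCP variant of the netstat command suggested above); the sample output, PIDs, program names and the function names `parse_listeners` and `exposed` are constructed for illustration.

```python
import ipaddress

# Constructed sample, not output from the poster's machine: PIDs/programs are illustrative.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      640/portmap
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      2250/sshd
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      1503/X
tcp        0      0 0.0.0.0:32770           0.0.0.0:*               LISTEN      -
tcp6       0      0 ::1:631                 :::*                    LISTEN      901/cupsd
tcp6       0      0 :::80                   :::*                    LISTEN      1200/httpd
"""


def parse_listeners(text):
    """Return one dict per LISTEN line: proto, addr, port, pid, program."""
    rows = []
    for line in text.splitlines():
        fields = line.split(None, 6)
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # skips the two header lines and any non-listening socket
        addr, _, port = fields[3].rpartition(":")  # split on the last colon so IPv6 works
        owner = fields[6].strip() if len(fields) > 6 else "-"
        pid, _, program = owner.partition("/")
        rows.append({
            "proto": fields[0],
            "addr": addr,
            "port": int(port),
            # "-" means netstat could not see an owner (not run as root, or a kernel socket)
            "pid": int(pid) if pid.isdigit() else None,
            "program": program or None,
        })
    return rows


def exposed(rows):
    """Listeners bound to a non-loopback address, i.e. reachable from other hosts."""
    return [r for r in rows
            if not ipaddress.ip_address(r["addr"]).is_loopback]


if __name__ == "__main__":
    for r in exposed(parse_listeners(SAMPLE)):
        print(f'{r["port"]:>5}/tcp  {r["addr"]:<8} {r["program"] or "owner unknown"}')
```

A listener that comes back with no owner is worth re-checking as root before deciding whether the service behind it can be turned off.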
