Closing ports I see when I nmap ...

Status
Not open for further replies.
M

mckilldj

When I run nmap on my enterprise box I get a list of ports (see below). Sunrpc I presume is used for an NFS mount I have to another box, ncd-pref is also related to caching of the mount (I'm guessing) ... but what is sometimes-rpc3 and do I need it open? Also ... why is X11 open like that twice when I run X on another box and use it with vnc etc without having to leave a port open specifically for X11 or X11:4.

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on pblade2 (127.0.0.1):
(The 1593 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
80/tcp open http
111/tcp open sunrpc
443/tcp open https
5977/tcp open ncd-pref-tcp
6000/tcp open X11
6004/tcp open X11:4
32770/tcp open sometimes-rpc3

I do appreciate your time and advice.

Thanks.
 
What operating system are you using?

If it's a BSD variant, try running:
sockstat -4

If it's a Linux machine, try:
netstat -e --program
 
mckilldj said:
why is X11 open like that twice when I run X on another box and use it with vnc etc without having to leave a port open specifically for X11 or X11:4.
Click to expand...
Did you start X with --nolisten tcp parameter?

Read from here about port 32770. I'd say you should close it.
 
documentation only:

mckilldj said:
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on pblade2 (127.0.0.1):
(The 1593 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
80/tcp open http
111/tcp open sunrpc
443/tcp open https
5977/tcp open ncd-pref-tcp
6000/tcp open X11
6004/tcp open X11:4
32770/tcp open sometimes-rpc3
Click to expand...

first: any port on 127.0.0.1 can ONLY be accessed from within your system.
Nothing on the internet can access this IP address.

Port 111 is the original Portmap service for InterProcess communications and
system to systems service mapping. Unless you have specific software that
needs this port open, you should disable it in /etc/services

If you're running a Desktop like GNU, KDE, you need X11 to be running.

Port 80 says you have a webserver active and port 22 is the SAFE
alternative to Telnet and FTP. Again, close these services unless you need them.
 
Status
Not open for further replies.

Similar threads

M
PC freezes randomly only when I use my Nvidia graphic card but not my default card
Replies
3
Views
7K
khanspam
K
LookinAround
How to recover your folders/files when Windows won’t boot
2
Replies
46
Views
315K
Kris101
K
N
  • Locked
Is my Redhat 9 safe with all this ports Open?
Replies
4
Views
5K
Mictlantecuhtli
Mictlantecuhtli

Latest posts

Back