Is my Redhat 9 safe with all this ports Open?

By novkhan ยท 4 replies
May 12, 2004
  1. Is my Redhat 9 safe with all this ports Open?


    I have a Aztech 4 port router a RH9 behind it.

    I did a NMAP on the Router and i got this results:

    Interesting ports on (210.24.XXX.XXX.):

    (The 1599 ports scanned but not shown below are in state: closed)
    Port State Service
    80/tcp open http
    255/tcp open unknown

    Are this ports safe or do i have to close them.

    And i did a NMAP scan on my RH9

    Interesting ports on (10.0.0.X):
    (The 1594 ports scanned but not shown below are in state: closed)
    Port State Service
    22/tcp open ssh
    80/tcp open http
    111/tcp open sunrpc
    139/tcp open netbios-ssn
    443/tcp open https
    901/tcp open samba-swat
    6000/tcp open X11

    By the way i have amule running, i wonder if the ports are reflected here.

    Please advise on what uncessary port i have to close to secure my PC .
    Oh yah... Additional info I am also sharing files between my RH9 and Win 2000.
  2. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Someone move this post to alternative OS or networking and I'll answer..
  3. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Unless you have forwarded the ports 80 and 255 on the router knowingly then those open ports are Very Bad.

    Your router should drop everything you haven't explicitly allowed. If your router supports uPnP turn it off! Check for suspicious apps on your computers. If your router is configurable through a web interface, make sure the router only allows configuring from the local network!

    As for the ports open on Linux machine.. It is the services you have allowed yourself. None of them are a vulnerability since the default settings of RedHat are rather secure and your router should take care of most attack attempts.

    SSH (in the form of sshd running on your machine) is a good and handy thing. Secure SHell is (as the name implies) a secure way to administer your machine remotely.

    HTTP (80) and HTTPS (443) are most likely Apache you installed but forgot to disable. If you don't have any plans to run a webserver then just disable the httpd service.

    Sun RPC is most likely NFS you installed. You have no use for this since your other machine is Windows and you are already using Samba. Disable the NFS service.

    139 is your Samba.

    Port 601 is the Web interface to Samba. If you prefer point and click to messing around in smb.conf then leave it running. You router should protect you from any hacking attempts.

    Port 6000 is the X server. No way to turn it off unless you are willing to run command line only.
  4. novkhan

    novkhan TS Rookie Topic Starter Posts: 35

  5. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...