Re: port 6051: hacked?

On Fri, Sep 06, 2002 at 12:16:39PM +0200, Ramin Motakef wrote:
> Hi all,
> Today's nmap run shows me:
> Interesting ports on  (xxxxxx):
> (The 59984 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/tcp     open        ftp                     
> 22/tcp     open        ssh                     
> 25/tcp     open        smtp                    
> 53/tcp     open        domain                  
> 80/tcp     open        http                    
> 110/tcp    open        pop-3                   
> 111/tcp    open        sunrpc                  
> 143/tcp    open        imap2                   
> 199/tcp    open        smux                    
> 389/tcp    open        ldap                    
> 443/tcp    open        https                   
> 993/tcp    open        imaps                   
> 995/tcp    open        pop3s                   
> 3306/tcp   open        mysql                   
> 5432/tcp   open        postgres                

Assuming that the nmap was run from "the outside":

Do you really need all those ports to be open? E.g. sunrpc, domain?
mysql and postgres?

AFAIK both bind (tcp/domain) and nfs (tcp/sunrpc) have had their share
of security problems [admittedly mostly the latter, but] ...

Karl E. Jørgensen
==== Today's fortune:
In specifications, Murphy's Law supersedes Ohm's.
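
The review suggested in the reply above can be repeated after every scan by comparing the nmap listing against the set of services the host is meant to offer externally. This is an added example, not part of the original message; the `INTENDED_PUBLIC` set and the function names are assumptions chosen for illustration.

```python
import re

# Constructed sample: the port table quoted in the message, without the mail quoting.
SAMPLE_SCAN = """\
Port       State       Service
21/tcp     open        ftp
22/tcp     open        ssh
25/tcp     open        smtp
53/tcp     open        domain
80/tcp     open        http
110/tcp    open        pop-3
111/tcp    open        sunrpc
143/tcp    open        imap2
199/tcp    open        smux
389/tcp    open        ldap
443/tcp    open        https
993/tcp    open        imaps
995/tcp    open        pop3s
3306/tcp   open        mysql
5432/tcp   open        postgres
"""

# Assumption: the services this host is supposed to expose to the outside.
INTENDED_PUBLIC = {(22, "tcp"), (25, "tcp"), (80, "tcp"), (443, "tcp"), (993, "tcp"), (995, "tcp")}

# Matches "port/proto state service"; tolerates a leading "> " from a quoted mail.
PORT_LINE = re.compile(r"^\s*(?:>\s*)?(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

def parse_open_ports(text):
    """Return {(port, proto): service} for every line whose state is 'open'."""
    found = {}
    for line in text.splitlines():
        m = PORT_LINE.match(line)
        if m and m.group(3) == "open":
            found[(int(m.group(1)), m.group(2))] = m.group(4)
    return found

def review_exposure(text, intended):
    """Return (unexpected open ports, intended ports that are not open)."""
    open_ports = parse_open_ports(text)
    unexpected = sorted(
        (port, proto, svc) for (port, proto), svc in open_ports.items()
        if (port, proto) not in intended
    )
    missing = sorted(intended - set(open_ports))
    return unexpected, missing
```

Each entry in the first list is a listener to either close, bind to loopback, or filter at the firewall; an entry in the second list means an intended service is down or blocked.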

