On Fri, Sep 06, 2002 at 12:16:39PM +0200, Ramin Motakef wrote: > Hi all, > Todays nmap run shows me: > > Interesting ports on (xxxxxx): > (The 59984 ports scanned but not shown below are in state: closed) > Port State Service > 21/tcp open ftp > 22/tcp open ssh > 25/tcp open smtp > 53/tcp open domain > 80/tcp open http > 110/tcp open pop-3 > 111/tcp open sunrpc > 143/tcp open imap2 > 199/tcp open smux > 389/tcp open ldap > 443/tcp open https > 993/tcp open imaps > 995/tcp open pop3s > 3306/tcp open mysql > 5432/tcp open postgres Assuming that the nmap was run from "the outside": Do you really need all those ports to be open? E.g. sunrpc, domain ? mysql and postgres ? AFAIK both bind (tcp/domain) and nfs (tcp/sunrpc) have had their share of security problems [admittedly mostly the latter, but] ... -- Karl E. Jørgensen firstname.lastname@example.org www.karl.jorgensen.com ==== Today's fortune: In specifications, Murphy's Law supersedes Ohm's.
Description: PGP signature