Re: closing unwanted ports - and what is 1720/tcp filtered H.323/Q.931
>
>On Thu, Dec 15, 2005 at 12:35:09PM +0000, kevin bailey wrote:
>} hi,
>}
>} these ports seem to be open by default on a standard sarge setup
>}
>} PORT STATE SERVICE
>} 9/tcp open discard
>Useless. Turn it off.
will do
>} 13/tcp open daytime
>Useless. Time in text format, without a timezone. Off.
ok
>} 21/tcp open ftp
>Off. Security hole if passwords are sent, they aren't encrypted.
will be trying to move to SFTP
>} 22/tcp open ssh
>I move to another port number to foil port scanners.
good idea
>} 25/tcp open smtp
>I run postfix for my mailserver. Much simpler than exim.
i have actually switched to courier for this server because i was able to
set up virtual domains
i have used postfix for other clients and will be moving to it now because
it handles virtual domains and i simply prefer it.
>} 37/tcp open time
>Can be turned off, but I leave it on and change the user from root to
>nobody. I am a public ntp server and many people like to use this time
>service also. "rdate" gets the time from this service.
will turn off
>} 110/tcp open pop3
>I firewall this off from the outside.
>I don't want passwords being passed to this from the outside.
they are virtual accounts which are probably left by the users all over the
place - there's not much i can do to protect these passwords - but at least
they are not system accounts
>} 111/tcp open rpcbind
>Do NOT leave this one open.
will do.
>} 143/tcp open imap
>You probably don't need this AND pop 110.
>I don't run this.
>} 1720/tcp filtered H.323/Q.931
>Don't know what this is. But I don't have it.
seems like it may be due to demon stopping VOIP traffic.
thanks for your help,
kev
-- E Frank Ball frankb@frankb.us
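
An added example, not part of the original thread: a Python check that parses an nmap port table like the one quoted above and compares it with an allowlist of intended services, keeping `filtered` results (such as 1720/tcp) separate from ports that are actually open. The allowlist and the function names are assumptions chosen for illustration.

```python
import re

# Constructed sample: the scan table as quoted in the thread.
SCAN = """\
PORT STATE SERVICE
9/tcp open discard
13/tcp open daytime
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
37/tcp open time
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
1720/tcp filtered H.323/Q.931
"""

# Assumption: the services this host is meant to offer.
ALLOWED = {(22, "tcp"), (25, "tcp"), (110, "tcp"), (143, "tcp")}

# One table row: "<port>/<proto> <state> <service>"; the header does not match.
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)$")

def parse_scan(text):
    """Return (port, proto, state, service) for every port row in the table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return rows

def audit(text, allowed):
    """Split scan results into unexpected open ports, filtered ports, and
    allowed services that did not show up as open."""
    report = {"unexpected_open": [], "filtered": [], "missing": []}
    seen_open = set()
    for port, proto, state, service in parse_scan(text):
        if state == "open":
            seen_open.add((port, proto))
            if (port, proto) not in allowed:
                report["unexpected_open"].append((port, proto, service))
        elif state == "filtered" or state.endswith("|filtered"):
            # A packet filter dropped the probe; nmap cannot tell whether a
            # service listens, so this is not evidence of a local daemon.
            report["filtered"].append((port, proto, service))
    report["missing"] = sorted(allowed - seen_open)
    return report
```

Rerunning the scan after each change and feeding the table to `audit` shows whether the unexpected list is shrinking and whether a service that should stay reachable has gone missing.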