[Gllug] nmap

Jackson, Harry HJackson at colt-telecom.com
Wed Jan 30 10:51:38 UTC 2002



> -----Original Message-----
> From: Tom Gilbert [mailto:tom at linuxbrit.co.uk]
> > 
> > 53/tcp     open        domain
> 
> Are you deliberately running public dns? Probably not, so lose it,
> otherwise, fer gawds sake chroot it.

I very rarely do anything deliberately but I would like my windows/RH box to
use the Debian box as its nameserver. I want it like this because BT keep
changing their bloody nameservers in a completely random way. I also use
UKlinux during the day. I want something dynamic but looking at BIND was a
bit scary so am currently hunting for a more simple method. Pdnsd has been
mentioned.

> 
> > 111/tcp    open        sunrpc
> 
> lose that.

I will require a networked file system and nfs was the first that sprang to
mind but looking on the security HOWTO it did not recommend this.

> 
> > 139/tcp    open        netbios-ssn
> 
> lose that.
> 
Does Samba require this port?


> > 515/tcp    open        printer
> 
> and lose that.

I will get rid of this little bugger.


> 
> 
> For the printer and samba, you can make them listen to only an internal
> address. Good luck trying that for sunrpc (the portmapper), that thing
> is a massive source of exploits, so I suggest you find a way to lose it.
> Either don't run rpc-based services (e.g. an nfs server) on an internet
> facing machine, or install a firewall to block those ports - which you
> should probably do anyway.
> 
> sshd, httpd, fine.

I really need to look more at iptables and blocking incoming requests on
ports.

Harry
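
An added example, not part of the original thread: a shell check for the advice quoted above, that samba and the printer daemon should listen only on an internal address while sshd and httpd may stay public. The listener lines (in the layout `ss -ltn` prints), the internal addresses 127.0.0.1 and 192.168.1.10, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify listening TCP sockets from `ss -ltn`-style lines on stdin.
#   $1  ports meant to be reachable from the internet (space-separated)
#   $2  addresses that count as internal-only binds (space-separated)
audit_listeners() {
    awk -v allow="$1" -v inside="$2" '
    BEGIN {
        n = split(allow, a, " ");  for (i = 1; i <= n; i++) public[a[i]] = 1
        n = split(inside, b, " "); for (i = 1; i <= n; i++) internal[b[i]] = 1
    }
    $1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)   # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (port in public)        verdict = "PUBLIC"    # intended exposure
        else if (addr in internal) verdict = "INTERNAL"  # bound to LAN or loopback
        else                       verdict = "EXPOSED"   # rebind it or firewall it
        print verdict, port, addr
    }'
}

# Ports that are neither allowed publicly nor bound internally, on one line.
exposed_ports() {
    audit_listeners "$1" "$2" |
        awk '$1 == "EXPOSED" { printf "%s%s", sep, $2; sep = " " } END { print "" }'
}

# Constructed sample using the ports from the scan discussed in this thread.
sample_listeners() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      10     127.0.0.1:53        0.0.0.0:*
LISTEN 0      128    0.0.0.0:80          0.0.0.0:*
LISTEN 0      64     0.0.0.0:111         0.0.0.0:*
LISTEN 0      50     192.168.1.10:139    0.0.0.0:*
LISTEN 0      5      *:515               *:*
EOF
}

sample_listeners | audit_listeners "22 80" "127.0.0.1 192.168.1.10"
```

On a live host, pipe `ss -ltn` into `audit_listeners` instead of the sample; anything reported as EXPOSED is a candidate for rebinding to the internal address or for a firewall rule.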





