Security Basics mailing list archives

locking down my solaris box


From: Juan Declet <Juan.Declet () asu edu>
Date: Wed, 12 May 2004 09:27:19 -0700

The following services are running in my Solaris machine, according to nmap:

Starting nmap 3.50 ( http://www.insecure.org/nmap ) at 2004-05-11 19:07 US Mount
ain Standard Time
Interesting ports on myhost.com
(The 1631 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
7/tcp     open  echo
9/tcp     open  discard
13/tcp    open  daytime
19/tcp    open  chargen
25/tcp    open  smtp
80/tcp    open  http
111/tcp   open  rpcbind
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
512/tcp   open  exec
513/tcp   open  login
514/tcp   open  shell
515/tcp   open  printer
540/tcp   open  uucp
587/tcp   open  submission
898/tcp   open  sun-manageconsole
901/tcp   open  samba-swat
5901/tcp  open  vnc-1
6000/tcp  open  X11
6001/tcp  open  X11:1
6112/tcp  open  dtspc
7100/tcp  open  font-service
9999/tcp  open  abyss
32772/tcp open  sometimes-rpc7
32775/tcp open  sometimes-rpc13
32776/tcp open  sometimes-rpc15
32777/tcp open  sometimes-rpc17
32778/tcp open  sometimes-rpc19

Nmap run completed -- 1 IP address (1 host up) scanned in 44.844 seconds

There are services that I know I need, such as samba-swat, sun-manageconsole, abyss, vnc, etc.
This server offers http and samba services, but not much else. Can someone shed some light
on what the echo, discard, daytime, chargen services are for, and if there is any potential
of hosing the machine if these are disabled? I am trying to lockdown this machine against intrusions.

Also, I would like to know what file(s) hold info on which services use which ports.

Regards,
Juan Declet


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


Current thread: