Security Basics mailing list archives

Re: locking down my solaris box

From: John Jasen <jjasen () realityfailure org>
Date: Thu, 13 May 2004 14:10:25 -0400 (EDT)

On Wed, 12 May 2004, Juan Declet wrote:

7/tcp     open  echo
9/tcp     open  discard
13/tcp    open  daytime
19/tcp    open  chargen


these are controled by inetd, the config file is /etc/inetd.conf

25/tcp    open  smtp
80/tcp    open  http
111/tcp   open  rpcbind
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds


these are started up by startup scripts.

512/tcp   open  exec
513/tcp   open  login
514/tcp   open  shell
515/tcp   open  printer


also in inetd.conf

540/tcp   open  uucp

??

587/tcp   open  submission


probably by the smtp or sendmail startup script

898/tcp   open  sun-manageconsole
901/tcp   open  samba-swat
5901/tcp  open  vnc-1
6000/tcp  open  X11
6001/tcp  open  X11:1
6112/tcp  open  dtspc
7100/tcp  open  font-service
9999/tcp  open  abyss


I'd need to look.

32772/tcp open  sometimes-rpc7
32775/tcp open  sometimes-rpc13
32776/tcp open  sometimes-rpc15
32777/tcp open  sometimes-rpc17
32778/tcp open  sometimes-rpc19


probably various rpc services in inetd.conf

/etc/services is a good place to start looking as to what service uses 
what ports.



-- 
-- John E. Jasen (jjasen () realityfailure org)
-- No one will sorrow for me when I die, because those who would
-- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

locking down my solaris box Juan Declet (May 13)
- RE: locking down my solaris box Robert Escue (May 14)
- Re: locking down my solaris box John Jasen (May 14)
- Re: locking down my solaris box Ivan Angelov (May 14)
- Re: locking down my solaris box Jay D. Dyson (May 14)
- <Possible follow-ups>
- RE: locking down my solaris box Amin Tora (May 14)
- Re: locking down my solaris box Ivan Coric (May 17)