Re: locking down my solaris box

[Ivan Angelov <iba () efficient-soft com>]

Hello,

Juan Declet wrote:

> There are services that I know I need, such as samba-swat, sun-manageconsole, abyss, vnc, etc.
> This server offers http and samba services, but not much else. Can someone shed some light
> on what the echo, discard, daytime, chargen services are for, and if there is any potential
> of hosing the machine if these are disabled? I am trying to lockdown this machine against intrusions.
# netstat -lnp
This command will give you information about which ports are open and 
which processes listen on them.
However if you notice difference in the output of that command and the 
output of the nmap (e.g. nmap shows that 7100 is open, but netstat 
thinks it's not open) then you should consider that your machine might 
have been cracked.

> Also, I would like to know what file(s) hold info on which services use which ports.
/etc/services

Regards,
Ivan Angelov



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------