Security Basics mailing list archives

Re: Windows 2000 server ports, services to close.


From: Pablo Hauser <pablohauser () yahoo com ar>
Date: Wed, 13 Oct 2004 14:32:16 -0300 (ART)

It depends on which services you will provide, tell us
some more... But maybe you should close TCP 135, 139
and 445 immediately...



Brent Clark <bclark () rocketseed us> wrote:

Hi all

Could someone please advise me on how and what ports I have to shut down
for a Microsoft Wintendo 2000 server.
If anyone has a link, URL, doc, etc. to advise me, it would be so
appreciated.

On my Linux box I ran a port scan and these are what I found (quite scary
actually, I'm so glad that I'm into Linux)

============================================================================
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-10-13 09:12 SAST
Initiating SYN Stealth Scan against ctsql (192.168.111.123) [1660 ports] at 09:12
Discovered open port 3389/tcp on 192.168.111.123
Discovered open port 6103/tcp on 192.168.111.123
Discovered open port 3052/tcp on 192.168.111.123
Discovered open port 135/tcp on 192.168.111.123
Discovered open port 445/tcp on 192.168.111.123
Discovered open port 6101/tcp on 192.168.111.123
Discovered open port 1433/tcp on 192.168.111.123
Discovered open port 139/tcp on 192.168.111.123
Discovered open port 3372/tcp on 192.168.111.123
Discovered open port 2301/tcp on 192.168.111.123
Discovered open port 1026/tcp on 192.168.111.123
Discovered open port 1025/tcp on 192.168.111.123
The SYN Stealth Scan took 1.59s to scan 1660 total ports.
For OSScan assuming that port 135 is open and port 1 is closed and neither are firewalled
Host ctsql (192.168.111.123) appears to be up ... good.
Interesting ports on ctsql (192.168.111.123):
(The 1648 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1433/tcp open  ms-sql-s
2301/tcp open  compaqdiag
3052/tcp open  PowerChute
3372/tcp open  msdtc
3389/tcp open  ms-term-serv
6101/tcp open  VeritasBackupExec
6103/tcp open  RETS-or-BackupExec
MAC Address: 00:0F:20:98:2B:8B (Hewlett Packard)
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=9327 (Worthy challenge)
IPID Sequence Generation: Busy server or unknown class

Nmap run completed -- 1 IP address (1 host up) scanned in 3.449 seconds

============================================================================

Kind Regards and thanks in advance
Brent Clark




Pablo D. Hauser
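
One way to act on the advice in this message, as an added example that is not part of the original thread: a Python script that parses the port table from the scan quoted above and sorts the open ports into those the reply says to close, those the server has to provide, and the rest to review. The REQUIRED set (1433 and 3389) and the function names are assumptions for illustration.

```python
import re

# Port table copied from the nmap output quoted in the message above.
SCAN = """\
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1433/tcp open  ms-sql-s
2301/tcp open  compaqdiag
3052/tcp open  PowerChute
3372/tcp open  msdtc
3389/tcp open  ms-term-serv
6101/tcp open  VeritasBackupExec
6103/tcp open  RETS-or-BackupExec
"""

# Ports the reply says to close immediately.
CLOSE_NOW = {135, 139, 445}
# Assumption for illustration: the host must offer SQL Server and
# Terminal Services; replace with what the server really provides.
REQUIRED = {1433, 3389}

ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*$")

def parse_ports(text):
    """Return [(port, proto, state, service)] from an nmap port table."""
    hits = (ROW.match(line.strip()) for line in text.splitlines())
    return [(int(m[1]), m[2], m[3], m[4]) for m in hits if m]

def triage(text, required=REQUIRED, close_now=CLOSE_NOW):
    """Sort open ports into close_now / required / review buckets."""
    buckets = {"close_now": [], "required": [], "review": []}
    for port, _proto, state, service in parse_ports(text):
        if state != "open":
            continue  # closed or filtered ports need no action
        # close_now wins even if a port is also listed as required
        key = ("close_now" if port in close_now
               else "required" if port in required else "review")
        buckets[key].append((port, service))
    return buckets

if __name__ == "__main__":
    for name, ports in triage(SCAN).items():
        print(name, ports)
```

The service names in the table are nmap's lookups by port number, not confirmed identifications, so each port in the review bucket still has to be traced to the process listening on it on the server.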


