Security Basics mailing list archives

Windows 2000 server ports, services to close.


From: "Brent Clark" <bclark () rocketseed us>
Date: Wed, 13 Oct 2004 09:17:10 +0200

Hi all

Could someone please advise me on how and what ports I have to shut down
for a Microsoft Wintendo 2000 server?
If anyone has a link, URL, doc, etc. to advise me, it would be so
appreciated.

On my Linux box I ran a port scan and this is what I found (quite scary
actually, I'm so glad that I'm into Linux):

============================================================================
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-10-13 09:12 SAST
Initiating SYN Stealth Scan against ctsql (192.168.111.123) [1660 ports] at 09:12
Discovered open port 3389/tcp on 192.168.111.123
Discovered open port 6103/tcp on 192.168.111.123
Discovered open port 3052/tcp on 192.168.111.123
Discovered open port 135/tcp on 192.168.111.123
Discovered open port 445/tcp on 192.168.111.123
Discovered open port 6101/tcp on 192.168.111.123
Discovered open port 1433/tcp on 192.168.111.123
Discovered open port 139/tcp on 192.168.111.123
Discovered open port 3372/tcp on 192.168.111.123
Discovered open port 2301/tcp on 192.168.111.123
Discovered open port 1026/tcp on 192.168.111.123
Discovered open port 1025/tcp on 192.168.111.123
The SYN Stealth Scan took 1.59s to scan 1660 total ports.
For OSScan assuming that port 135 is open and port 1 is closed and neither are firewalled
Host ctsql (192.168.111.123) appears to be up ... good.
Interesting ports on ctsql (192.168.111.123):
(The 1648 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1026/tcp open  LSA-or-nterm
1433/tcp open  ms-sql-s
2301/tcp open  compaqdiag
3052/tcp open  PowerChute
3372/tcp open  msdtc
3389/tcp open  ms-term-serv
6101/tcp open  VeritasBackupExec
6103/tcp open  RETS-or-BackupExec
MAC Address: 00:0F:20:98:2B:8B (Hewlett Packard)
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition (Me), Windows 2000 Professional or Advanced Server, or Windows XP
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=9327 (Worthy challenge)
IPID Sequence Generation: Busy server or unknown class

Nmap run completed -- 1 IP address (1 host up) scanned in 3.449 seconds


============================================================================

Kind Regards and thanks in advance
Brent Clark

