Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Windows 2000 server ports, services to close.

From: Pablo Hauser <pablohauser () yahoo com ar>
Date: Thu, 14 Oct 2004 09:17:35 -0300 (ART)
I assumed that it was a public access server. That's
why I ask for some more information... ;)

HTH


 --- vinod bhaskar gadgoli <sdmvinod () rediffmail com>
escribió: 

  
But port 139 and 445 are needed if you are using
Filer and Print sharing on that machine.
better idea wud be to filter traffic to this port
or avoid information leakage by changing the
registry settings
restrictanonymos = 2
:-)
We also need to consider wher is it placed in the
network 


On Wed, 13 Oct 2004 Pablo Hauser wrote :

It depends on which services will you provide, tell

us

some more... But maybe you should close immediatly
TCP135, 139 and 445...



Brent Clark <bclark () rocketseed us> wrote: Hi all

Could someone please advise me on how and what

ports

do I have to shutdown
for a Microsoft Wintendo 2000 server.
If anyone has a link, URL, doc, etc to advise me,

it

would be soo
apprecaited

On my linux box I run and port scan and these are

what

I found (Quite scary
actually, im soo glad that into Linux)



============================================================================

=================
Starting nmap 3.70 ( http://www.insecure.org/nmap/

)

at 2004-10-13 09:12
SAST
Initiating SYN Stealth Scan against ctsql
(192.168.111.123) [1660 ports] at
09:12
Discovered open port 3389/tcp on 192.168.111.123
Discovered open port 6103/tcp on 192.168.111.123
Discovered open port 3052/tcp on 192.168.111.123
Discovered open port 135/tcp on 192.168.111.123
Discovered open port 445/tcp on 192.168.111.123
Discovered open port 6101/tcp on 192.168.111.123
Discovered open port 1433/tcp on 192.168.111.123
Discovered open port 139/tcp on 192.168.111.123
Discovered open port 3372/tcp on 192.168.111.123
Discovered open port 2301/tcp on 192.168.111.123
Discovered open port 1026/tcp on 192.168.111.123
Discovered open port 1025/tcp on 192.168.111.123
The SYN Stealth Scan took 1.59s to scan 1660 total
ports.
For OSScan assuming that port 135 is open and port

1

is closed and neither
are firewalled
Host ctsql (192.168.111.123) appears to be up ...
good.
Interesting ports on ctsql (192.168.111.123):
(The 1648 ports scanned but not shown below are in
state: closed)
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1026/tcp open LSA-or-nterm
1433/tcp open ms-sql-s
2301/tcp open compaqdiag
3052/tcp open PowerChute
3372/tcp open msdtc
3389/tcp open ms-term-serv
6101/tcp open VeritasBackupExec
6103/tcp open RETS-or-BackupExec
MAC Address: 00:0F:20:98:2B:8B (Hewlett Packard)
Device type: general purpose
Running: Microsoft Windows 95/98/ME|NT/2K/XP
OS details: Microsoft Windows Millennium Edition

(Me),

Windows 2000
Professional or Advanced Server, or Windows XP
TCP Sequence Prediction: Class=random positive
increments
Difficulty=9327 (Worthy challenge)
IPID Sequence Generation: Busy server or unknown

class


Nmap run completed -- 1 IP address (1 host up)

scanned

in 3.449 seconds




============================================================================

===============

Kind Regards and thanks in advance
Brent Clark




Pablo D. Hauser

---------------------------------
Ahora podés usar Yahoo! Messenger en tu Unifón, en
cualquier momento y lugar.
Encontrá más información aquí.


=====
Pablo D. Hauser

Correo Yahoo! - 6 MB, tecnología antispam ¡gratis!
 Suscribite ya http://correo.yahoo.com.ar/



Vinod 


=====
Pablo D. Hauser


        
        
                
___________________________________ 
¡Llevate a Yahoo! en tu Unifón! 
Ahora podés usar Yahoo! Messenger en tu Unifón, en cualquier momento y lugar. 
Encontrá más información en: http://ar.mobile.yahoo.com/sms.html
Previous By Date Next
Previous By Thread Next

Current thread: