Newbie Question: Sometimes-rpc3 ?
Hi All, I have recently installed SuSe 7.2 and scanning my computer with nmap I get the following:
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Interesting ports on name-changed.protect.inoccent.ac.uk (xxx.xx.x.xx): (The 1519 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 113/tcp open auth 6000/tcp open X11 32770/tcp open sometimes-rpc3
I do not ever remember authorising 'sometimes-prc3' on port 32770. I do not run NFS or NIS so I am not sure why it is necessary. My question is , is it a big security hole? And how can I shut it/ prevent it from starting up ( i don't see it in inetd.conf nor rc.conf)? Yours, James Ferrando ---------------------------------------------------------------- James Ferrando james@ferrando.co.uk Oxford University ----------------------------------------------------------------
Hello !
My question is , is it a big security hole? And how can I shut it/ prevent it from starting up ( i don't see it in inetd.conf nor rc.conf)?
Have a look at wwww.susesecurity.com/faq There is a detailed description about how to find out more about open ports. HTH, Armin Armin Schöch at the office: Institut für Atmosphärenphysik Ziolkowskistr. 10 / 63 Schlossstraße 6 D-18059 Rostock D-18225 Kühlungsborn Tel. +49-(0)381-4005781 Tel. +49-(0)38293-68-102
Hi James! On Tue, 21 Aug 2001, James Ferrando wrote:
Hi All, I have recently installed SuSe 7.2 and scanning my computer with nmap I get the following:
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ ) Interesting ports on name-changed.protect.inoccent.ac.uk (xxx.xx.x.xx): (The 1519 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 113/tcp open auth 6000/tcp open X11 32770/tcp open sometimes-rpc3
I do not ever remember authorising 'sometimes-prc3' on port 32770. I do not run NFS or NIS so I am not sure why it is necessary. My question is , is it a big security hole? And how can I shut it/ prevent it from starting up ( i don't see it in inetd.conf nor rc.conf)?
well, first check what programs is there (say "knock,knock Neo") # lsof -i tcp:32770 or # netstat -tep | grep 32770 next, turn it off based on results. -- teodor
participants (3)
-
Armin Schöch
-
James Ferrando
-
teo@gecadsoftware.com