Re: Fedora 8 ports open



On Fri, 16 Nov 2007 19:24:24 +0000, Georg Klein wrote:

Ivan Marsh <annoyed@xxxxxxx> wrote:
On Tue, 13 Nov 2007 22:26:25 +0000, Georg Klein wrote:

Zam <NOSPAM@xxxxxxxxxxx> wrote:


What's opening the ports?

SSH, POP3, RCP, IMAP and something using port 995... you should
never run without a firewall.

To use your "well-known ports" example, port 995 is pop3s (secure
pop3, much preferred from wireless hot-spots).

As root:
lsof -i :22,110,111,143,995
or
netstat -pan | egrep ":22|:110|:111|:143|:995"

Thanks guys. I neglected to mention that I am configuring shorewall.
I had forgotten to add it to the startup scripts. When I start
shorewall all is well.

I think, in general, it is not OK to have these ports open after a
fresh standard install.

Fedora/RH has always had certain services running at install... the
firewall configurator that runs at install determines whether traffic
is allowed to access them.

Yes, you are right. But at least since RH 7 and all the following stuff
(RH, Fedora and RHEL), pop3, pop3s and imap have never been selected,
installed and activated by default.

I don't suppose I've ever performed the default install... I always choose
what packages to install, and if you select "Mail Server" dovecot and
sendmail are installed and running, for obvious reasons. I'd assume the
default install does the same thing choosing "Mail Server" does.

And when running but not needed, it is always better to disable them
than to protect them by a firewall.

Indeed. Shutting down unused services is second on my list after setting
up the firewall after install. Not only for security but for performance.

--
I told you this was going to happen.
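
An added example, not part of the original posts: a stricter form of the netstat check quoted in the thread. It keeps only LISTEN sockets, matches the port exactly (so 2200 is not reported for 22), and marks whether each listener is bound to loopback only. The `listeners` function and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report which of the given TCP ports
# have a listener, using an exact port match on the local-address column.

# Constructed sample of `netstat -pant` output; PIDs and addresses are made up.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address     Foreign Address      State       PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*            LISTEN      1801/sshd
tcp        0      0 0.0.0.0:111       0.0.0.0:*            LISTEN      1622/rpcbind
tcp        0      0 127.0.0.1:25      0.0.0.0:*            LISTEN      1850/sendmail
tcp        0      0 0.0.0.0:2200      0.0.0.0:*            LISTEN      2101/exampled
tcp        0      0 :::110            :::*                 LISTEN      1830/dovecot
tcp        0      0 :::143            :::*                 LISTEN      1830/dovecot
tcp        0      0 :::995            :::*                 LISTEN      1830/dovecot
tcp        0      0 192.0.2.10:22     198.51.100.7:51143   ESTABLISHED 2210/sshd
EOF
}

# listeners PORTS: read netstat output on stdin; PORTS is a comma-separated list.
# Prints "port scope program", where scope is "loopback" or "exposed".
listeners() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, p, ","); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            host = $4; sub(/:[^:]*$/, "", host)    # text before the last colon
            if (!(port in want)) next              # exact match: 2200 is not 22
            scope = (host ~ /^127\./ || host == "::1") ? "loopback" : "exposed"
            split($7, prog, "/")                   # "PID/name" -> name
            print port, scope, prog[2]
        }' | sort -n
}

# On a live host (as root, so program names are shown):
#   netstat -pant | listeners 22,110,111,143,995
sample_netstat | listeners 22,110,111,143,995
```

A listener reported as "exposed" is reachable from the network unless a firewall blocks it; one reported as "loopback" is not.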
