Red Hat & Solaris port security

David Gillett dgillett at NIKU.COM
Mon May 8 17:47:01 EDT 2000


  Ports are not really "open" on a server; ports that will accept a
connection are ports on which some process/service/daemon is "listening" and
willing to be connected to.  So there are two basic cases:

1.  Server provides services to "the world"; only authorized services will
be running.  No other ports will be "open" because the services that would
listen on those ports are not running, and (preferably) not installed.  In
this scenario, you "close" ports by not loading (or removing) services that
you do not want the host to offer, and "open" them by installing and running
such software.  [While there are registered port numbers for many common
services, the server software may allow you to specify an arbitrary port
number....]

2.  Server provides services to the local net, but not to outsiders; ports
will be reachable from outside only if a "conduit" is specified/"opened" on
the "firewall"[*] permitting such connections.  In this case, ports "opened"
on the server may not appear open to the outside world.

  [*] Most firewalls function either as proxy servers or as filtering
routers/brouters/bridges.  In either case, the default state of a firewall
is to block traffic unless explicitly instructed to allow it.

  There are various "port scanners" which will attempt to determine which
ports a given host will accept connections to.  "nmap" is highly regarded,
and runs on Linux.

David Gillett
Enterprise Networking Services Manager, Niku Corp.
(650) 701-2702
"Transforming the Service Economy"



-----Original Message-----
From: VPN Mailing List [mailto:VPN at SECURITYFOCUS.COM]On Behalf Of Daniel
L. Barnes
Sent: Sunday, May 07, 2000 8:59 PM
To: VPN at SECURITYFOCUS.COM
Subject: Red Hat & Solaris port security


Hello,
I was wondering if anyone knew of commands within Red Hat and Solaris that
you could manually shut down and open up ports. Also, are there utilities
that I can scan the ports to verify which ones are open and which ones are
closed?

Thank you for all of your help in the past!

db

VPN is sponsored by SecurityFocus.COM
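
Case 1 in the reply above (only authorized services are listening) can be checked on the host itself. The following is an added example, not part of the original thread: it parses `netstat -an` style output in the Linux and Solaris layouts and reports listening TCP ports that are not on an allowlist. The sample output and the AUTHORIZED set are constructed for illustration.

```python
import re

# Constructed sample output (not captured from a real host).
LINUX_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:40112          ESTABLISHED
"""

SOLARIS_SAMPLE = """\
TCP: IPv4
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q  State
-------------------- -------------------- ----- ------ ----- ------ -------
      *.22                 *.*                0      0 24576      0 LISTEN
      *.111                *.*                0      0 24576      0 LISTEN
10.0.0.6.22          10.0.0.9.40113       8760      0 24820      0 ESTABLISHED
"""

# Address and port are separated by ':' on Linux and by '.' on Solaris.
_LOCAL = re.compile(r"^(?P<addr>.+)[:.](?P<port>\d+)$")

def listening_ports(netstat_output):
    """Return {port: set of local addresses} for TCP sockets in LISTEN state."""
    found = {}
    for line in netstat_output.splitlines():
        fields = line.split()
        if not fields or fields[-1] != "LISTEN":
            continue
        # Linux rows start with the protocol column; Solaris rows do not.
        local = fields[3] if fields[0].startswith("tcp") else fields[0]
        m = _LOCAL.match(local)
        if m:
            found.setdefault(int(m.group("port")), set()).add(m.group("addr"))
    return found

def unauthorized(netstat_output, authorized):
    """Listening ports that are not in the authorized set, sorted."""
    return sorted(p for p in listening_ports(netstat_output) if p not in authorized)

AUTHORIZED = {22, 25}  # hypothetical policy: SSH and SMTP only

if __name__ == "__main__":
    for name, sample in (("linux", LINUX_SAMPLE), ("solaris", SOLARIS_SAMPLE)):
        print(name, "unexpected listeners:", unauthorized(sample, AUTHORIZED))
```

The address set kept for each port shows whether a listener is bound to loopback only (as with port 25 in the Linux sample) or to all interfaces.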
