SecuritySkip Navigation
border

Conferences and Events | Online Resources | Programs | Security | Services | Shared Network | Technical Support | Training
About MOREnet | Contact Us | Search | MyMOREnet Login | Collaboration Matrix


Home » Security

Resources for Security Network Services

Interpreting Scan Results — Linux Machines

On most Linux machines, the following ports will be open:

TCP Port UDP Port Service Notes
22 22 Secure shell A more secure way of connecting to the machine, like an updated telnet session.
901 901 SAMBA Web administration tool SAMBA Web Administration Tool
http://www.samba.org/samba/
docs/man/swat.8.html

If the machine is a server, the following ports may be open:

TCP Port UDP Port Service Notes
21 21 FTP File Transfer Protocol. Disable if not needed. Also, disable anonymous FTP if not needed. MOREnet Security recommends SFTP instead of plain FTP to the traffic is encrypted.
25 25 SMTP Simple Mail Transfer Protocol. Should be enabled on a server but not on a workstation.
53 53 DNS Domain Name System. Used only if a site is running its own DNS server. If not running a DNS server, stop this service and use MOREnet's DNS servers.
80 80 HTTP HyperText Transfer Protocol. Webserver; things like Apache, Microsoft's Internet Information Server, etc.
110 110 POP3 Post Office Protocol, version 3. Used to POP mail from the machine.
8080 8080 HTTP Proxy There are many examples of proxy servers running on this port.

This is not a complete list of ports and services. Your server may have other ports open. For a complete list of ports and associated services, please see one of these locations:

Best Practices for Network Security

  • Don't run unnecessary services.
  • Keep software up to date, with respect to security issues.
  • Restrict access to services via authentication, filters and encryption.
  • Monitor access logs.
  • Properly install and monitor "personal firewall" to detect and contain both incoming and outgoing traffic.
  • Properly install and monitor external firewall as an added layer of protection.
Security Information

2007 Advanced Technical Security Symposium
Security Series Web Seminars
Security Awareness

Services

Blackhole DNS
E-mail Virus and Spam Filtering
Good Net Neighbor Service - Phase 1
Good Net Neighbor Service - Phase 2
Internet Content Filtering
Remote Vulnerability Assessment Service

Incident Response

Incident Response
Online Incident Report

Security Tools and Documents

Security Tools
Security Policies and Presentations

Security Contact Information

E-mail: security@more.net
Phone: 1-800-509-6673
Fax: +1-573-884-7699

 
Spacer Graphic

 
border
Copyright © 2002-2005 MOREnet. All rights reserved. Reviewed May 13, 2005.
Contact security@more.net. DMCA and other copyright information.
Site Information: Copyright, accessibility, privacy and other information about this site.
PageMinder: Receive an e-mail notice when this page updates.

Search MOREnet  Advanced Search