SECIRITY: Open ports
Submitted by kar..@..er.com
Description
Package: general
Severity: critical
Version:
Synopsis: SECIRITY: Open ports
Class: change-request
Distribution: Red Hat Linux release 6.1 (Cartman) System: Linux 2.2.15 i686 unknown C library: glibc-2.1.2-11 C compiler: egcs-2.91.66 glib: 1.2.8 GTK+: 1.2.8 ORBit: ORBit-0.5.1-0_helix_2 gnome-libs: gnome-libs-1.2.1-0_helix_1 libxml: libxml-1.8.7-0_helix_1 gnome-print: gnome-print-0.20-0_helix_1 gnome-core: gnome-core-1.2.1-0_helix_1
Description: Gnome 1.2 apperently opens many ports accessable to the outside world.
If there is a specific function to these ports, could they be controlled by hosts.allow/deny?
ports in question: 924 - ? 1024 - ? 1032 - panel? 1083 - gnome-terminal??
--- Included file ---
nmap box.unknown.com
Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on kg.mm.org (207.170.101.46):
(The 1504 ports scanned but not shown below are in state: closed)
Port State Service
19/tcp filtered chargen
22/tcp open ssh
25/tcp open smtp
111/tcp open sunrpc
113/tcp open auth
512/tcp filtered exec
513/tcp filtered login
514/tcp filtered shell
515/tcp open printer
543/tcp filtered klogin
544/tcp filtered kshell
924/tcp open unknown
1024/tcp open kdm
1032/tcp open iad3
1083/tcp open ansoft-lm-1
2049/tcp filtered nfs
2105/tcp filtered eklogin
6000/tcp open X11
6969/tcp filtered acmsoda
Nmap run completed -- 1 IP address (1 host up) scanned in 6 seconds
$ netstat -anp |grep -i listen |more
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1085 0.0.0.0:* LISTEN 821/gnome-terminal
tcp 0 0 0.0.0.0:1083 0.0.0.0:* LISTEN 808/gnome-terminal
tcp 0 0 0.0.0.0:1049 0.0.0.0:* LISTEN 773/gnome-terminal
tcp 0 0 0.0.0.0:1048 0.0.0.0:* LISTEN 769/gnome-terminal
tcp 0 0 0.0.0.0:1046 0.0.0.0:* LISTEN 730/gnome-terminal
tcp 0 0 0.0.0.0:1045 0.0.0.0:* LISTEN 724/gnomexmms
tcp 0 0 0.0.0.0:1044 0.0.0.0:* LISTEN 721/mixer_applet
tcp 0 0 0.0.0.0:1043 0.0.0.0:* LISTEN 718/cpumemusage_app
tcp 0 0 0.0.0.0:4000 0.0.0.0:* LISTEN 706/gnomeicu
tcp 0 0 0.0.0.0:1040 0.0.0.0:* LISTEN 710/multiload_apple
tcp 0 0 0.0.0.0:1039 0.0.0.0:* LISTEN 708/gweather
tcp 0 0 0.0.0.0:1038 0.0.0.0:* LISTEN 706/gnomeicu
tcp 0 0 0.0.0.0:1037 0.0.0.0:* LISTEN 704/asclock_applet
tcp 0 0 0.0.0.0:1036 0.0.0.0:* LISTEN 700/deskguide_apple
tcp 0 0 0.0.0.0:1035 0.0.0.0:* LISTEN 702/tasklist_applet
tcp 0 0 0.0.0.0:1034 0.0.0.0:* LISTEN 686/gmc
tcp 0 0 0.0.0.0:1033 0.0.0.0:* LISTEN 688/gnome-name-serv
tcp 0 0 0.0.0.0:1032 0.0.0.0:* LISTEN 684/panel
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:7102 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:924 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
--- End of file ---
------- Bug moved to this database by debbugs-export@bugzilla.gnome.org 2001-01-27 15:17 ------- This bug was previously known as bug 14170 at http://bugs.gnome.org/ http://bugs.gnome.org/show_bug.cgi?id=14170 Originally filed under the gnome-core product and gnome-terminal component.
The original reporter (karl.grindley@matchmaker.com) of this bug does not have an account here. Reassigning to the exporter, debbugs-export@bugzilla.gnome.org. Reassigning to the default owner of the component, gnome-core-maint@bugzilla.gnome.org.
Resolution: RESOLVED FIXED