RH Taroon Beta Open Ports

rhldevel at assursys.co.uk rhldevel at assursys.co.uk
Mon Aug 25 11:50:23 UTC 2003


Hi -

I've just done a "complete" install of Taroon on a scratch box, with
iptables firewalling disabled. The following services are listening on
external network interfaces:

Port       State       Service
22/tcp     open        ssh
68/udp     open        dhcpclient
111/tcp    open        sunrpc
111/udp    open        sunrpc
123/udp    open        ntp
1010/udp   open        unknown
6000/tcp   open        X11

ssh (we don't want to lock users out after an upgrade), ntp and dhcpclient
(both manually configured during install) are reasonably justified, IMHO,
but what is the justification for having rpc.statd, portmap and X11
listening by *default* (especially on a machine that hasn't been configured
to use NIS)?

Given the problems that Windows has with network services listening by
default, shouldn't we be learning from their mistakes? Yes, the user
needs to disable firewalling at install time to expose these services, but I
can't help thinking that plenty of naïve users will do so...

Best Regards,
Alex.





More information about the devel mailing list