[HPADM] HP-UX Ports

From: Stephanie Chung (stepchung_at_yahoo.com)
Date: 03/21/05

  • Next message: Stephanie Chung: "[HPADM] [SUMMARY - HPUX PORTS]" 
    Date: Mon, 21 Mar 2005 09:43:57 -0800 (PST)
To: hpux <hpux-admin@dutchworks.nl>

    Hi List,

    My DBA runs OEM (Oracle Enterprise Management)
    monitoring software and it spits out the 48 violation
    ports opened on my server. He gave the list to my
    boss, and guess what, my boss told me I am not doing
    enough to hardening my server. The OEM complaints “48
    open ports have the potential of permitting a
    malicious user to take over the host. Oracle
    recommends that you close all unnecessarily open
    ports, especially on internet-facing hosts”. These
    ports ranging from 7 through 7815. I get a copy of all
    HP-UX ports and Port Range use from:
    http://docs.hp.com/en/5990-7252/ch01s01.html

    My job now is to identify these 48 ports to see if my
    server is using these ports or not. If not, I have to
    close it from the server. My problem is I don’t know
    how to.

    Take an example of port number 19.
    - How do I know if my server is using port 19?
    - How do I close port 19 from the server?
    - How do I test if port 19 is closed or open from the
    serer?

    My /etc/services file shows:
    chargen 19/tcp ttytst source # Character
    Generator
    chargen 19/udp ttytst source #

    My understanding is /etc/services file is only the
    display. Uncomment the lines in that file will not
    close the port. Man, I need help real bad here. Thanks
    for your help…and appreciation.

    Stepahnie

                    
    __________________________________
    Do you Yahoo!?
    Yahoo! Small Business - Try our new resources site!
    http://smallbusiness.yahoo.com/resources/ 

    --
             ---> Please post QUESTIONS and SUMMARIES only!! <---
        To subscribe/unsubscribe to this list, contact majordomo@dutchworks.nl
       Name: hpux-admin@dutchworks.nl     Owner: owner-hpux-admin@dutchworks.nl
 
 Archives:  ftp.dutchworks.nl:/pub/digests/hpux-admin       (FTP, browse only)
            http://www.dutchworks.nl/htbin/hpsysadmin   (Web, browse & search)
  • Next message: Stephanie Chung: "[HPADM] [SUMMARY - HPUX PORTS]"

    Relevant Pages

    • Re: Whats a decent modem/router for tech savy user?
      ... It is not possible to route or deny traffic to specific ports based on the source IP address. ... But it wont route back inside the LAN - needs internal DNS server spoofing. ... Normally, this option should be Enabled, so that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. ... Specifying a Default DMZ Server allows you to set up a computer or server that is available to anyone on the Internet for services that you haven't defined. ...
      (uk.telecom.broadband)
    • Re: Cannot connect to RWW from home PC
      ... That would be the address you need a DNS record for. ... You say "And in the router you need to forward to your external nic IP" ... Still can't telnet to any of your ports at your public ip address. ... Heres' the info for our server: ...
      (microsoft.public.windows.server.sbs)
    • Re: Netopia 3347NWG with Remote Desktop and Remote Web Workplace
      ... Glad you're back in business Greg! ... Ports Closed ... Despite this, Remote Web Workplace DOES WORK now, and Connect to Server ... Exchange BPA updates), ...
      (microsoft.public.windows.server.sbs)
    • Solution -> Re: SSH tunnel question.
      ... change IPS and ports around but that is not a big deal. ... telnet/ftp/rsh open on a server including on the Internet facing ports! ... I will go from the corp desktop to a hop ... through the firewall to the hop ...
      (SSH)
    • Re: Exch2003 front-end questions
      ... all the supported protocol ports must be open on the inner ... communication between the front-end server and the back-end servers. ... lists the ports required for the intranet firewall. ...
      (microsoft.public.isa)