Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

closing open ports

Status
Not open for further replies.
aaronkeith

aaronkeith

MIS
Oct 1, 2002
39
CA
hi eveyone! I would like to ask your assistance on how am i going to know all open ports in my aix server. If ever these ports are not being used by our system, how can i deactivate/close those ports?

Thank you so much in advance!
 
Sort by date Sort by votes

To see open ports use 'netstat -finet -a'

If you want to close them just remove the service from /etc/inetd.conf. (For most services anyway)

Cheers Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Upvote 0 Downvote
thank you Henrik! i'll try to do that... i don't need to comment out these services on /etc/services? Also, our security admin made a vulnerability assessment on our aix box and it was reported that 10 tcp ports and 5 udp ports are open. I would like to ask what would be the impact if i'll close the following ports:

tcp port : 111 (SUN remote procedure call)
512 : remote process execution
6000 : X server
6112 : dtspcd

udp ports : 67 (bootps - bootstrap protocol server)
69 (TFTP = trivial file transfer protocol)
111 (SUN Remote Procedure Call)
161 (SNMP - Simple Network Management Protocol)
514 syslog

Sorry for asking too much but i am not very knowledgeable about these ports so i am really asking your help. But I am doing my research as well.

Thanks again!
 
Upvote 0 Downvote

No, the /etc/services is just for lookups. Don't touch that.

Port 111 depends on if you're using NFS or other services that rely on RPC. Write 'rpcinfo' and you'll see what services uses it.

You can close 512, you probably don't use it. It's for calling programs on the server remotely.

Definately close 6000. That's your X server. Go to the file /usr/dt/config/Xservers and comment out the last line starting with :0. Then restart the dtsrc resource. (stopsrc -s dtsrc and startsrc -s dtsrc).

Don't know what 6112 is.

IF no X-terminals boot of your server then you can close udp 67 and 69. If something on the network stop working turn if on again. They're used for booting diskless devices (could be printers).

161 SNMP: I you don't know it, you don't use it.

If the server is recieving syslog messages from other servers you need 514. Otherwise...

Cheers Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

moudmmm
  • Locked
  • Question
Cann't open XManager to AIX
Replies
1
Views
204
unixfreak
unixfreak
pa2nc
  • Locked
  • Question
HMC using open Network
Replies
1
Views
138
itsp1965
itsp1965
msxi
  • Locked
  • Question
IBM AIX tcp port opens twice when initiating a connection as part of an interface
Replies
0
Views
100
msxi
msxi
tericen
  • Locked
  • Question
Need help with ports to open for NIM to get through a Firewall DMZ
Replies
2
Views
252
cspilman
cspilman
frbjeffj
  • Locked
  • Question
Ok... wtf is going on here.. can't open my own thread?
Replies
1
Views
85
frbjeffj
frbjeffj

Part and Inventory Search

Sponsor

Back
Top