M. Fioretti wrote:
Hello,
I have just ran nmap on a remote server with a minimal (or so I believed) Centos 4.3 installation. Besides what I expected (ssh, httpd, smtp) it found as open for listening these ports:
Starting Nmap 3.95 ( http://www.insecure.org/nmap/ ) at 2006-06-14 17:57 CEST Interesting ports on <my.remote.server> (The 1667 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 445/tcp filtered microsoft-ds 1720/tcp filtered H.323/Q.931
which programs are these, and why should they be part of a server install? How can I find them so I can uninstall them?
your /etc/services file should have info that you can always look at ( but its a text file, does not indicate whats actually running where.. )
to check for whats actually on there, use something like lsof ( the man page for lsof is very well done, a worthy read ). a Shortcut here :
lsof -i :445
will tell you whats up with your port 445.