[CentOS] OT: Port Scan

Tue Aug 26 22:48:48 UTC 2008
Lanny Marcus <lmmailinglists at gmail.com>

On Tue, Aug 26, 2008 at 4:52 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> Lanny Marcus wrote:
>>
>>>> I just did a port scan on one of my web sites. Shared Hosting. Looking
>>>> at ports 1863, 3000 and 3001. Are those ports normally open or
>>>> something I should file a support ticket about? TIA!
>>>>
>>>> Port State Service
>>>> 21 open ftp
>>>> 22 open ssh
>>>> 25 open smtp
>>>> 80 open http
>>>> 110 open pop3
>>>> 143 open imap
>>>> 443 open https
>>>> 993 open imaps
>>>> 995 open pop3s
>>>> 1863 open msnp
>>>> 3000 open hbci
>>>> 3001 open redwood-broker
>>>> 3306 open mysql
>>>> 5190 open aol
>>>> 5432 open postgres
>>>
>>> Ports are 'open' when you start programs that listen on them.  lsof
>>> should
>>> tell you what those programs are.
>>
>> Les, I wondered why they have those ports open. 1863 is MSN Messenger.
>> 3000 is RemoteWare Client and 3001 is Redwood Broker.
>> Lanny
>
> Port usage is fairly arbitrary.  That is, you can configure most programs to
> listen on non-standard ports so the actual activity may have nothing to do
> with the registered name for the port.  If you don't have access to find the
> program using the port you should ask about it.

OK. I think I will put in a support ticket and ask them. It's a shared
server, running  chrootd. If they can close those 3 ports for this
site,
it should make it a little bit more secure.  Also, there are other
services I'm not using, and if they can stop them and  close ports,
fewer ports open.