Re: Is this server secure enough? Is this server hackable?

From: "cyberquest" <alexccy7570@xxxxxxxxx>

| I have just help up in setting up a server in my company ... and I
| attempt to do a NMap port scan ... the results is shown below
|
| Interesting ports on xxx.xxx.xxx.xxx (This is the IP address of
| course):
| Not shown: 1654 closed ports
| PORT STATE SERVICE
| 25/tcp open smtp
| 42/tcp open nameserver
| 53/tcp open domain
| 80/tcp open http
| 88/tcp open kerberos-sec
| 110/tcp open pop3
| 135/tcp open msrpc
| 139/tcp open netbios-ssn
| 389/tcp open ldap
| 443/tcp open https
| 445/tcp open microsoft-ds
| 464/tcp open kpasswd5
| 593/tcp open http-rpc-epmap
| 636/tcp open ldapssl
| 691/tcp open resvc
| 995/tcp open pop3s
| 1026/tcp open LSA-or-nterm
| 1029/tcp open ms-lsa
| 1720/tcp filtered H.323/Q.931
| 2105/tcp open eklogin
| 3268/tcp open globalcatLDAP
| 3269/tcp open globalcatLDAPssl
| 3389/tcp open ms-term-serv
| 5631/tcp open pcanywheredata
| 6001/tcp open X11:1
| 6002/tcp open X11:2
| Nmap finished: 1 IP address (1 host up) scanned in 18.578 seconds
|
| My question is ... is this server secure enough to prevent hackers from
| coming in and ... if this system is hackable ... how will the attackers
| do it and how can I prevent it?

That certainly is a large number of open ports but is STILL insufficiengt infornmation to
stae if the seerver is secure or not.

The more posrts that are open, the easier it is to hack.

What's important is is if nodes from the POV of the Internet can see those open ports and
can find vulnerabilities on those ports.

Off hand, without more information I must be on the side of caution and say NO.
It is NOT secure.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.

Relevant Pages

  • Re: Whats a decent modem/router for tech savy user?
    ... It is not possible to route or deny traffic to specific ports based on the source IP address. ... But it wont route back inside the LAN - needs internal DNS server spoofing. ... Normally, this option should be Enabled, so that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. ... Specifying a Default DMZ Server allows you to set up a computer or server that is available to anyone on the Internet for services that you haven't defined. ...
    (uk.telecom.broadband)
  • Re: Cannot connect to RWW from home PC
    ... That would be the address you need a DNS record for. ... You say "And in the router you need to forward to your external nic IP" ... Still can't telnet to any of your ports at your public ip address. ... Heres' the info for our server: ...
    (microsoft.public.windows.server.sbs)
  • Re: Netopia 3347NWG with Remote Desktop and Remote Web Workplace
    ... Glad you're back in business Greg! ... Ports Closed ... Despite this, Remote Web Workplace DOES WORK now, and Connect to Server ... Exchange BPA updates), ...
    (microsoft.public.windows.server.sbs)
  • Solution -> Re: SSH tunnel question.
    ... change IPS and ports around but that is not a big deal. ... telnet/ftp/rsh open on a server including on the Internet facing ports! ... I will go from the corp desktop to a hop ... through the firewall to the hop ...
    (SSH)
  • Re: Exch2003 front-end questions
    ... all the supported protocol ports must be open on the inner ... communication between the front-end server and the back-end servers. ... lists the ports required for the intranet firewall. ...
    (microsoft.public.isa)