Open Ports on Default Install


So an nmap on a default install of Windows 2003 Server is….



phoenix alan # nmap -O <IP>



Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2003-10-27 07:43 PST

Interesting ports on shiny (<IP>):

(The 1652 ports scanned but not shown below are in state: closed)

PORT STATE SERVICE

135/tcp open msrpc

139/tcp open netbios-ssn

445/tcp open microsoft-ds

1025/tcp open NFS-or-IIS

1026/tcp open LSA-or-nterm

Device type: general purpose

Running: Microsoft Windows 2003/.NET

OS details: Microsoft Windows .NET Enterprise Server (build 3604-3790)



Nmap run completed — 1 IP address (1 host up) scanned in 1.435 seconds

phoenix alan #


Granted, a default RedHat9 isn’t much better, but still, when will people learn? Open ports for non-needed services means bad things can sneak in. Having these services running on boot means that before an admin can get to the box and set things up bad things can sneak in. Last thing you want is your new and shiny box to be 0wned before you can even start things running on it right?