Do I need these ports open?

Andy Green andy at warmcat.com
Thu Apr 19 06:56:29 UTC 2007


Simon Slater wrote:
> 	Hi all,
> 
> 	Just a quick question arising from following another thread.  Here is
> the result of nmap on a FC6 box:
> 
> $ nmap localhost

This is a misleading test... those ports have something listening on 
them, that is not the same as being "open" to the outside.  You have 
done the nmap locally from inside your machine's firewall on the 
loopback interface, the results will be very different indeed if you 
instead do the nmap from a second machine on your LAN against your 
external interface (eg, eth0).

The only port that should be actually "open" out of the box is the sshd 
one on 22.

-Andy




More information about the fedora-list mailing list