Hello
We have recently been through an audit of our solaris servers.
All our solaris servers are running version 10.
We have been told to close down all the services and we have closed what we could by using svcadm disable
We only wish to let ssh and the ftp service to run.
Below is a list of the services that are still running.
Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-20 08:13 SAST
Interesting ports on pluto (168.X.X.X):
Not shown: 976 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
513/tcp open login
587/tcp open submission
3300/tcp open unknown
4045/tcp open lockd
5555/tcp open freeciv
6112/tcp open dtspc
6788/tcp open unknown
6789/tcp open ibm-db2-admin
7100/tcp open font-service
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32775/tcp open sometimes-rpc13
32776/tcp open sometimes-rpc15
32777/tcp open sometimes-rpc17
32778/tcp open sometimes-rpc19
32779/tcp open sometimes-rpc21
32780/tcp open sometimes-rpc23
32781/tcp open unknown
32782/tcp open unknown
65000/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 27.28 seconds
.
Can someone please help and explain what these services are, and which ones should be closed?
Why so many rpc services are needed?
Is the login service needed?
I assume we can close the ibm-db2 service as there are no ibm products installed
Please help.
Thank you so much, much appreciated.
Solly