[Systems] Open TCP ports
Bernie Innocenti
bernie at sugarlabs.org
Sat Mar 26 00:26:13 EDT 2011
Here's the result of a scan of all our machines.
I see a number of slightly dangerous things, including a lot of open
smtp ports on machines that don't need to receive email.
Please help keep the Sugar Labs infrastructure secure by making daemon
listen only on local ports unless they're actually providing a public
service.
If you'd like to repeat the audit, use this command line:
nmap 140.186.70.53 140.186.70.100-129 18.85.44.118-124
----------8<-----------8<-----------8<-----------8<-----------8<----------
Nmap scan report for sunjammer.sugarlabs.org (140.186.70.53)
Host is up (0.032s latency).
Not shown: 967 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
113/tcp open auth
143/tcp open imap
443/tcp open https
465/tcp open smtps
587/tcp open submission
636/tcp open ldapssl
873/tcp open rsync
993/tcp open imaps
1099/tcp open unknown
2000/tcp open cisco-sccp
2049/tcp open nfs
3306/tcp open mysql
5222/tcp open unknown
5269/tcp open unknown
5280/tcp open unknown
6667/tcp open irc
7778/tcp open unknown
8009/tcp open ajp13
8080/tcp open http-proxy
8090/tcp open unknown
8443/tcp open https-alt
9090/tcp open zeus-admin
9418/tcp open git
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.13 - 2.6.28
Uptime guess: 15.752 days (since Thu Mar 10 05:08:42 2011)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=203 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for treehouse.sugarlabs.org (140.186.70.100)
Host is up (0.030s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 380.404 days (since Wed Mar 10 13:12:58 2010)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=205 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for lightwave.sugarlabs.org (140.186.70.102)
Host is up (0.036s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 203.206 days (since Fri Sep 3 18:58:20 2010)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for dextrose.sugarlabs.org (140.186.70.104)
Host is up (0.038s latency).
PORT STATE SERVICE
22/tcp open ssh
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose|specialized|firewall|WAP|router|storage-misc
Running (JUST GUESSING) : Linux 2.6.X (95%), Crestron 2-Series (90%), Check Point Linux 2.4.X (87%), D-Link embedded (87%), Linksys embedded (87%), Peplink embedded (87%), IBM embedded (87%), Linksys Linux 2.4.X (86%)
Aggressive OS guesses: Linux 2.6.24 - 2.6.31 (95%), Linux 2.6.9 - 2.6.18 (94%), Linux 2.6.9 - 2.6.27 (94%), Linux 2.6.22 (Fedora Core 6) (93%), Crestron XPanel control system (90%), Linux 2.6.18 (CentOS 5, x86_64, SMP) (90%), Linux 2.6.17 - 2.6.31 (89%), Linux 2.6.18 (CentOS 5) (89%), Linux 2.6.18 (Centos 5.3) (89%), Linux 2.6.19 - 2.6.31 (89%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 4.265 days (since Mon Mar 21 17:32:48 2011)
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for UNUSED105.sugarlabs.org (140.186.70.105)
Host is up (0.043s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 26.851 days (since Sun Feb 27 02:30:02 2011)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=206 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for pootle.sugarlabs.org (140.186.70.106)
Host is up (0.031s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp closed https
8080/tcp open http-proxy
Device type: general purpose|WAP|router|firewall|printer
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (96%), D-Link embedded (95%), Linksys embedded (95%), Peplink embedded (95%), Check Point Linux 2.4.X (93%), Linksys Linux 2.4.X (91%), Xerox embedded (90%)
Aggressive OS guesses: Linux 2.6.15 - 2.6.30 (96%), D-Link DSA-3100 or Linksys WRT54GL (DD-WRT v23) WAP, or Peplink Balance 30 router (95%), Linux 2.6.22 (95%), Linux 2.6.19 - 2.6.31 (94%), Check Point VPN-1 UTM appliance (93%), Linux 2.6.18 - 2.6.27 (93%), Linux 2.4.21 - 2.4.31 (likely embedded) (93%), Linux 2.6.15 - 2.6.23 (embedded) (93%), Linux 2.6.23 (93%), Linux 2.6.9 - 2.6.27 (92%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 39.886 days (since Mon Feb 14 01:39:28 2011)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=188 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for zatoichi.sugarlabs.org (140.186.70.112)
Host is up (0.041s latency).
Not shown: 989 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
81/tcp open hosts2-ns
143/tcp open imap
993/tcp open imaps
3690/tcp open svn
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 49.630 days (since Fri Feb 4 07:47:41 2011)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for buildslave-ubuntu-lucid-64bit.sugarlabs.org (140.186.70.115)
Host is up (0.047s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 342.730 days (since Sat Apr 17 06:24:05 2010)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=199 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for anno.treehouse.su (140.186.70.122)
Host is up (0.046s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 11.235 days (since Mon Mar 14 18:16:33 2011)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=203 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for aslo-web.sugarlabs.org (140.186.70.123)
Host is up (0.049s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 190.335 days (since Thu Sep 16 15:51:59 2010)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=195 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for status.treehouse.su (140.186.70.124)
Host is up (0.033s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
Device type: general purpose|webcam|WAP|media device|firewall|broadband router
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (99%), AXIS embedded (95%), AXIS Linux 2.6.X (95%), Chumby embedded (93%), Check Point Linux 2.4.X (93%), Netgear embedded (92%), Sphairon embedded (92%), 3Com embedded (92%)
Aggressive OS guesses: Linux 2.6.19 - 2.6.31 (99%), Linux 2.6.17 - 2.6.31 (97%), Linux 2.6.24 - 2.6.31 (97%), Linux 2.6.24 (95%), AXIS 207W Network Camera (95%), Sveasoft (Linux 2.4.20) (95%), AXIS 207 Network Camera (Linux 2.6.16) or 241Q Video Server (95%), Linux 2.6.9 - 2.6.30 (95%), DD-WRT v23 - v24 (Linux 2.4.20 - 2.4.37) (95%), DD-WRT v24 SP1 (Linux 2.4) (95%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 15.479 days (since Thu Mar 10 11:25:03 2011)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=208 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for rt.sugarlabs.org (140.186.70.125)
Host is up (0.045s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
443/tcp open https
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 61.885 days (since Sun Jan 23 01:39:50 2011)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=204 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for schooltool.sugarlabs.org (140.186.70.126)
Host is up (0.036s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
60020/tcp open unknown
Device type: general purpose|WAP|webcam|firewall|broadband router|media device
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (99%), AXIS Linux 2.6.X (95%), AXIS embedded (95%), Check Point Linux 2.4.X (94%), Free Linux (92%), 3Com embedded (92%), Chumby embedded (92%), FON Linux 2.6.X (92%)
Aggressive OS guesses: Linux 2.6.19 - 2.6.31 (99%), Linux 2.6.17 - 2.6.31 (97%), Linux 2.6.24 - 2.6.31 (96%), DD-WRT v23 - v24 (Linux 2.4.20 - 2.4.37) (96%), DD-WRT v24 SP1 (Linux 2.4.36) (95%), AXIS 207 Network Camera (Linux 2.6.16) or 241Q Video Server (95%), Linux 2.6.9 - 2.6.30 (95%), DD-WRT v24 SP1 (Linux 2.4) (95%), AXIS 207W Network Camera (95%), Sveasoft (Linux 2.4.20) (95%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 16.446 days (since Wed Mar 9 12:11:56 2011)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=191 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for monitoring.treehouse.su (140.186.70.128)
Host is up (0.046s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.19 - 2.6.31
Uptime guess: 18.490 days (since Mon Mar 7 11:09:50 2011)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=203 (Good luck!)
IP ID Sequence Generation: All zeros
Nmap scan report for idea.sugarlabs.org (140.186.70.129)
Host is up (0.036s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
5432/tcp open postgresql
Device type: general purpose|media device|phone|WAP|broadband router|remote management
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (99%), Chumby embedded (96%), 3Com embedded (95%), FON Linux 2.6.X (95%), Free Linux (95%), Netgear embedded (95%), Aruba ArubaOS 3.X (95%), Ubiquiti Linux 2.4.X (95%)
Aggressive OS guesses: Linux 2.6.22 (ARM) (99%), Linux 2.6.9 - 2.6.30 (98%), Linux 2.6.19 - 2.6.31 (97%), Linux 2.6.13 - 2.6.28 (97%), Linux 2.6.9 - 2.6.24 (97%), Linux 2.6.9 - 2.6.28 (97%), Linux 2.4.18 - 2.4.35 (likely embedded) (96%), Chumby Internet radio (96%), Linux 2.6.22 (96%), Linux 2.6.22 - 2.6.23 (96%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 18.010 days (since Mon Mar 7 22:40:03 2011)
Network Distance: 15 hops
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros
Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 30 IP addresses (14 hosts up) scanned in 49.10 seconds
Raw packets sent: 16635 (747.730KB) | Rcvd: 12841 (547.157KB)
Nmap scan report for housetree.sugarlabs.org (18.85.44.118)
Host is up (0.055s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp filtered telnet
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
Nmap scan report for eertesuoh.sugarlabs.org (18.85.44.119)
Host is up (0.055s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
23/tcp filtered telnet
80/tcp open http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
443/tcp open https
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
Nmap scan report for jita.sugarlabs.org (18.85.44.120)
Host is up (0.056s latency).
Not shown: 991 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
5222/tcp open unknown
5280/tcp open unknown
8080/tcp open http-proxy
9090/tcp open zeus-admin
9091/tcp open unknown
9418/tcp open git
Nmap scan report for activitycentral.com (18.85.44.121)
Host is up (0.060s latency).
Not shown: 991 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp filtered telnet
25/tcp open smtp
80/tcp open http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
Nmap scan report for serendipity.sugarlabs.org (18.85.44.122)
Host is up (0.062s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp filtered telnet
25/tcp open smtp
80/tcp open http
110/tcp open pop3
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
143/tcp open imap
161/tcp filtered snmp
443/tcp open https
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
8080/tcp open http-proxy
Nmap done: 38 IP addresses (20 hosts up) scanned in 71.62 seconds
--
Bernie Innocenti
Sugar Labs Infrastructure Team
http://wiki.sugarlabs.org/go/Infrastructure_Team
More information about the Systems
mailing list