[NCSA-discuss] a shameful problem
Jason Tower
jason at cerient.net
Thu Jun 22 23:50:22 EDT 2006
ok, i'm ashamed and embarrassed to admit it, but i have one windows server
that i have to administer. it's a citrix server running under vmware, and
here's the catch: i need to run it with a public ip address - no external
firewall, no nat.

now, on a real server (read: *nix) i simply turn off all services that i
don't want, verify with 'netstat -an' that only the ports i want listening
are actually open, and away i go. on this godforsaken windows box running
'netstat -an' yields the following (note that it is currently behind a nat
device, hence the 10.1.1.11 ip):

Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1036 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1039 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1043 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1433 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1494 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2512 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2513 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:27000 0.0.0.0:0 LISTENING
TCP 10.1.1.11:139 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1434 0.0.0.0:0 LISTENING
TCP 127.0.0.1:8009 0.0.0.0:0 LISTENING
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1037 *:*
UDP 0.0.0.0:1041 *:*
UDP 0.0.0.0:1276 *:*
UDP 0.0.0.0:1434 *:*
UDP 0.0.0.0:1604 *:*
UDP 0.0.0.0:3701 *:*
UDP 0.0.0.0:3771 *:*
UDP 0.0.0.0:3820 *:*
UDP 0.0.0.0:4057 *:*
UDP 0.0.0.0:4094 *:*
UDP 0.0.0.0:4309 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:4561 *:*
UDP 0.0.0.0:4615 *:*
UDP 10.1.1.11:123 *:*
UDP 10.1.1.11:137 *:*
UDP 10.1.1.11:138 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:3768 *:*
UDP 127.0.0.1:3817 *:*
UDP 127.0.0.1:4054 *:*
UDP 127.0.0.1:4091 *:*
UDP 127.0.0.1:4186 *:*
UDP 127.0.0.1:4306 *:*
UDP 127.0.0.1:4487 *:*
UDP 127.0.0.1:4558 *:*
UDP 127.0.0.1:4612 *:*
UDP 127.0.0.1:4651 *:*

holy smegging crap, this is what redmond considers "secure"? the only
external ports i want open are tcp 80/443 for the citrix web interface, and
tcp 1494 for citrix itself. presumably i can ignore the ports bound to
127.0.0.1 but i don't have a clue about all the others, or how to disable
them. if anyone can help me prepare this box for public ip duty, lunch
(including beer) is on me.

jason
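
The check described in the message (compare what 'netstat -an' reports as listening against the ports that should be reachable), as an added example that is not part of the original post. The sample rows are constructed in the layout shown above, the allowlist is the tcp 80/443 and tcp 1494 named in the message, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: a few rows in the 'netstat -an' layout shown in the post.
SAMPLE = """\
Proto Local Address Foreign Address State
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1494 0.0.0.0:0 LISTENING
TCP 10.1.1.11:139 0.0.0.0:0 LISTENING
TCP 127.0.0.1:8009 0.0.0.0:0 LISTENING
UDP 0.0.0.0:1434 *:*
UDP 127.0.0.1:123 *:*
"""

# Allowlist from the post: tcp 80/443 (web interface) and tcp 1494 (citrix).
WANTED = {("TCP", 80), ("TCP", 443), ("TCP", 1494)}

def parse_listeners(text):
    """Yield (proto, address, port) for TCP LISTENING rows and bound UDP rows."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue  # established / time-wait rows are not listeners
        addr, _, port = local.rpartition(":")  # also handles [::]:80
        yield proto, addr, int(port)

def audit(text, wanted=WANTED):
    """Sort listeners into loopback-only, wanted, and unexpected exposed."""
    report = {"loopback": [], "wanted": [], "unexpected": []}
    for proto, addr, port in parse_listeners(text):
        if ipaddress.ip_address(addr.strip("[]")).is_loopback:
            bucket = "loopback"    # not reachable from the network
        elif (proto, port) in wanted:
            bucket = "wanted"
        else:
            bucket = "unexpected"  # bound to a routable or wildcard address
        report[bucket].append((proto, addr, port))
    return report

if __name__ == "__main__":
    for bucket, rows in audit(SAMPLE).items():
        for proto, addr, port in rows:
            print(f"{bucket:10} {proto} {addr}:{port}")
```

Feeding it the saved output of 'netstat -an' in place of SAMPLE gives the list of sockets that still need a service disabled or a filter rule before the host gets a public address.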