Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
Security
cancel
Showing results for 
Search instead for 
Did you mean: 

security scan showing 38 open ports: HP-UX 11.11 : Please advise what not needed?

rveri-admin
Frequent Advisor

security scan showing 38 open ports: HP-UX 11.11 : Please advise what not needed?

Experts,

 

As per security scan before moving a system it is showing lot of open ports and questioned about closing the ports in firewall.

 

Please help determining if these are normal , or we can close any of these ports, that got scanned and showing opne in the security scan (nmap).

 

 

-----


 
Initiating SYN Stealth Scan at 07:43
 
Scanning hpux1101 (10.134.11.2) [65535 ports]
 
Discovered open port 21/tcp on 10.134.11.2
 
Discovered open port 135/tcp on 10.134.11.2
 
Discovered open port 111/tcp on 10.134.11.2
 
Discovered open port 22/tcp on 10.134.11.2
 
Discovered open port 25/tcp on 10.134.11.2
 
Discovered open port 6850/tcp on 10.134.11.2
 
Discovered open port 49434/tcp on 10.134.11.2
 
Discovered open port 49171/tcp on 10.134.11.2
 
Discovered open port 49201/tcp on 10.134.11.2
 
Discovered open port 49377/tcp on 10.134.11.2
 
Discovered open port 5053/tcp on 10.134.11.2
 
Discovered open port 4750/tcp on 10.134.11.2
 
Discovered open port 2121/tcp on 10.134.11.2
 
Discovered open port 20001/tcp on 10.134.11.2
 
Discovered open port 7937/tcp on 10.134.11.2
 
Discovered open port 7815/tcp on 10.134.11.2
 
Discovered open port 49960/tcp on 10.134.11.2
 
Discovered open port 1712/tcp on 10.134.11.2
 
Discovered open port 7938/tcp on 10.134.11.2
 
Discovered open port 8862/tcp on 10.134.11.2
 
Discovered open port 2148/tcp on 10.134.11.2
 
Discovered open port 1402/tcp on 10.134.11.2
 
Discovered open port 49347/tcp on 10.134.11.2
 
Discovered open port 31111/tcp on 10.134.11.2
 
Discovered open port 49152/tcp on 10.134.11.2
 
Discovered open port 3275/tcp on 10.134.11.2
 
Discovered open port 7954/tcp on 10.134.11.2
 
Discovered open port 2301/tcp on 10.134.11.2
 
Discovered open port 6849/tcp on 10.134.11.2
 
Discovered open port 6112/tcp on 10.134.11.2
 
Discovered open port 5989/tcp on 10.134.11.2
 
Discovered open port 49348/tcp on 10.134.11.2
 
Discovered open port 49343/tcp on 10.134.11.2
 
Discovered open port 1508/tcp on 10.134.11.2
 
Discovered open port 382/tcp on 10.134.11.2
 
Discovered open port 383/tcp on 10.134.11.2
 
Discovered open port 49961/tcp on 10.134.11.2
 
Discovered open port 5060/tcp on 10.134.11.2
 
Completed SYN Stealth Scan at 07:43, 25.62s elapsed (65535 total ports)
 
------------------------------------------------------------------------

 

 

 

 

In netstat output this is what we can see the listening ports:

 

#------------------------------------------------------------------
hpux1101:>netstat -an | grep LISTEN |grep -v 127.0.0.1
tcp        0      0  *.4750                 *.*                     LISTEN
tcp        0      0  *.2148                 *.*                     LISTEN
tcp        0      0  *.5989                 *.*                     LISTEN
tcp        0      0  *.5060                 *.*                     LISTEN
tcp        0      0  *.382                  *.*                     LISTEN
tcp        0      0  *.1712                 *.*                     LISTEN
tcp        0      0  *.111                  *.*                     LISTEN
tcp        0      0  *.383                  *.*                     LISTEN
tcp        0      0  *.49347                *.*                     LISTEN
tcp        0      0  *.7938                 *.*                     LISTEN
tcp        0      0  *.135                  *.*                     LISTEN
tcp        0      0  *.20001                *.*                     LISTEN
tcp        0      0  *.3275                 *.*                     LISTEN
tcp        0      0  *.49171                *.*                     LISTEN
tcp        0      0  *.25                   *.*                     LISTEN
tcp        0      0  *.7937                 *.*                     LISTEN
tcp        0      0  *.1508                 *.*                     LISTEN
tcp        0      0  *.22                   *.*                     LISTEN
tcp        0      0  *.7815                 *.*                     LISTEN
tcp        0      0  *.6112                 *.*                     LISTEN
tcp        0      0  *.1402                 *.*                     LISTEN
tcp        0      0  *.5053                 *.*                     LISTEN
tcp        0      0  *.49343                *.*                     LISTEN
tcp        0      0  *.2121                 *.*                     LISTEN
tcp        0      0  *.49348                *.*                     LISTEN
tcp        0      0  *.7954                 *.*                     LISTEN
tcp        0      0  *.49152                *.*                     LISTEN
tcp        0      0  *.21                   *.*                     LISTEN
tcp        0      0  *.49960                *.*                     LISTEN
tcp        0      0  *.8862                 *.*                     LISTEN
tcp        0      0  *.49377                *.*                     LISTEN
tcp        0      0  *.49961                *.*                     LISTEN
tcp        0      0  *.2301                 *.*                     LISTEN
tcp        0      0  *.31111                *.*                     LISTEN
tcp        0      0  *.49434                *.*                     LISTEN
hpux1101:>

#------------------------------------------------------------------

 

Please advise if these are normal as per the normal hp-ux services or if anything we can close  as per solaris & linux scan they dont find these much open ports and showing concern.

 

Thanks,

1 REPLY
Highlighted
Laurent Menase
Honored Contributor

Re: security scan showing 38 open ports: HP-UX 11.11 : Please advise what not needed?

Hi

you may get a star otf answer with lsof, 

the one which will be not seen in lsof output wll be kernel opened endpoint ( by  kernel rpc, OTS, ....)

lsof will show the process attached one.