HPE Community
Operating System - HP-UX
1834326 Members
2680 Online
110066 Solutions
New Discussion

tcp port used by remsh

 
SOLVED
Go to solution
SURI HUNJAN
Advisor

‎02-06-2003 08:55 AM

‎02-06-2003 08:55 AM

tcp port used by remsh

Hi All,

Seen a similar entry in the forum, but need clarification.
We are trying to limit the netwok services on a platform (HPUX 11.00) for security reasons.
My understanding is, for remsh (after march 2001 patching), we need to keep port 544 (kshell)open in services file. Tested it and that is ok.
Question is, kshell is hashed out in inetd.conf and hence would expect the corresponding port 544 in services file inaccessible for remsh command. But that is not the case. Also the port 544 is not LISTENING. Does the Patch (PHNE_21731) force the remsh to look at the services file as a lookup for the kshell port.
0 Kudos
Reply
2 REPLIES 2
Robert-Jan Goossens
Honored Contributor

‎02-06-2003 09:16 AM

‎02-06-2003 09:16 AM

Re: tcp port used by remsh

Hi,

Think you have to take a look at tcp/514

shell 514/tcp cmd # remote command, no passwd used

kshell
kshell 544/tcp krcmd # Kerberos remote shell -kfall

Hope it helps,

Robert-Jan.
Reply
Sridhar Bhaskarla
Honored Contributor

‎02-06-2003 09:25 AM

‎02-06-2003 09:25 AM

Solution

Re: tcp port used by remsh

Hi,

It looks like it does only a lookup for kshell and ekshell. As wrongly mentioned in the HP documentation, it is not looking for the ports 544 and 545 to be open.

Along with restricting the services, also use /var/adm/inetd.sec to limit the accessibility of the services that need to be open.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.