1834326 Members
2680 Online
110066 Solutions
New Discussion

tcp port used by remsh

 
SOLVED
Go to solution
SURI  HUNJAN
Advisor

tcp port used by remsh

Hi All,

Seen a similar entry in the forum, but need clarification.
We are trying to limit the netwok services on a platform (HPUX 11.00) for security reasons.
My understanding is, for remsh (after march 2001 patching), we need to keep port 544 (kshell)open in services file. Tested it and that is ok.
Question is, kshell is hashed out in inetd.conf and hence would expect the corresponding port 544 in services file inaccessible for remsh command. But that is not the case. Also the port 544 is not LISTENING. Does the Patch (PHNE_21731) force the remsh to look at the services file as a lookup for the kshell port.
2 REPLIES 2
Robert-Jan Goossens
Honored Contributor

Re: tcp port used by remsh

Hi,

Think you have to take a look at tcp/514

shell 514/tcp cmd # remote command, no passwd used

kshell
kshell 544/tcp krcmd # Kerberos remote shell -kfall

Hope it helps,

Robert-Jan.
Sridhar Bhaskarla
Honored Contributor
Solution

Re: tcp port used by remsh

Hi,

It looks like it does only a lookup for kshell and ekshell. As wrongly mentioned in the HP documentation, it is not looking for the ports 544 and 545 to be open.

Along with restricting the services, also use /var/adm/inetd.sec to limit the accessibility of the services that need to be open.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try