Topic: Open Ports on e-smith v3.1

[Jon Thiele]

I downloaded and installed e-smith v3.1 (very nicely done!!!) yesterday and setup a standard configuration using my Roger's Cable Modem.  Since my cable modem is constantly on, I'm always concerned about security.  I ran a NMAP port scan (www.insecure.org) on my e-smith server and here is the results:

# Log of: nmap -onmaptest 24.xxx.xxx.xxx
Interesting ports on crxxxxxx-a.xxxxx.on.wave.home.com (24.xxx.xxx.xxx):
Port    State       Protocol  Service
21      open        tcp        ftp            
23      open        tcp        telnet          
25      open        tcp        smtp            
80      open        tcp        http            
110     open        tcp        pop-3          
113     open        tcp        auth            
389     open        tcp        ldap            
548     open        tcp        afpovertcp      
3128    open        tcp        squid-http      


Notice that port 21 (ftp) is open but I don't understand why since no ftp software is running.  Any reason why this port is open in a default install???  

Thanx in advance.

[Joseph Morrison]

Jon Thiele wrote:

> I downloaded and installed e-smith v3.1 (very nicely done!!!)

Thanks!!

> Notice that port 21 (ftp) is open but I don't understand why
> since no ftp software is running....

The ftp server is started on demand by inetd, so you won't normally see ftp processes running. But if you try ftp'ing to your system, it should work.

There is a small bug in e-smith 3.1 - a missing PAM file that prevents user ftp from working (although anonymous ftp still works). We'll be posting the fix shortly.

Best regards,
- Joe Morrison