Under WinCE/WEC we had to disable the FTPD, SMB and Telnet services to make sure there are no vulnerable ports.
- Are these or any other vulnerable ports active in Linux?
- If so, how can we deactivate those?
We only need our custom ports for our dedicated interface.
- Are these or any other vulnerable ports active in Linux?
Our Embedded Linux BSPs only have SSH and portmapper exposed by default:
[user@host ~]$ nmap 192.168.10.155
Starting Nmap 7.60 ( https://nmap.org ) at 2018-12-05 11:43 CET
Nmap scan report for 192.168.10.155
Host is up (0.0071s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds
[user@host ~]$ rpcinfo -p 192.168.10.155
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 57834 status
100024 1 tcp 34788 status
- If so, how can we deactivate those?
You may deactivate those by either disabling the respective services:
root@colibri-vf:~# systemctl stop sshd.socket
root@colibri-vf:~# systemctl disable sshd.socket
root@colibri-vf:~# systemctl stop rpcbind
root@colibri-vf:~# systemctl disable rpcbind
Or alternatively, activating explicit firewalling (e.g. iptables).
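
Added example, not part of the original answer: a check to run on the device after disabling services, listing every listening socket whose port is not on an allowlist. A default nmap scan only covers the 1000 most common TCP ports, so the status service on 34788/tcp and the UDP listeners from the rpcinfo listing do not appear in it, while a local socket listing catches them. Assumptions: `ss` from iproute2 is present on the image, and 5000/tcp stands in for the custom interface port; the sample lines are constructed to mirror the output above.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Reads `ss -H -tuln` output on stdin and prints each listening socket as
# proto/port unless its port is on the allowlist given as $1 (space separated).
# Returns 1 if anything unexpected is listening, 0 otherwise.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "tcp" || $1 == "udp" {
            port = $5
            sub(/.*:/, "", port)      # drop the address part, also for [::]:22
            key = $1 "/" port
            # report each proto/port once, even if bound on IPv4 and IPv6
            if (!(port in ok) && !(key in seen)) { seen[key] = 1; print key; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample: the ports from the nmap/rpcinfo output above plus a
# hypothetical custom service on 5000/tcp.
sample_listeners() {
cat <<'EOF'
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:34788 0.0.0.0:*
tcp LISTEN 0 16 0.0.0.0:5000 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:57834 0.0.0.0:*
tcp LISTEN 0 128 [::]:22 [::]:*
EOF
}

# On the target: ss -H -tuln | unexpected_listeners "5000"
sample_listeners | unexpected_listeners "5000" || echo "unexpected listeners found" >&2
```

A non-zero return can fail a production image test, so a service re-enabled by a later BSP update is noticed before the device ships.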