Re: remote desktop ports
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: remote desktop ports

From: Ansgar -59cobalt- Wiechers <usenet-2006@planetcobalt.net>
Date: Mon Feb 13 2006 - 17:15:22 CET



sillymartin@gmail.com wrote:


> hi,I want to install a firewall infront of a server (w2k3) ,but


> I have to reach it  via remote desktop (formerly terminal service)


> 


> I imagine


> 3389/tcp    microsoft-rdp       Microsoft Terminal Service


> 


> is enough,



Correct. However, you'll probably want to tunnel that connection through


SSH or a VPN and not make port 3389 publicly available.



> but what are these ports:


> 


> 135/tcp   open     msrpc               Microsoft Windows RPC


> 1025/tcp  open     msrpc               Microsoft Windows RPC


> 1026/tcp  open     msrpc               Microsoft Windows RPC


> 1031/tcp  open     msrpc               Microsoft Windows RPC


> 1033/tcp  open     msrpc               Microsoft Windows RPC


> 2105/tcp  open     msrpc               Microsoft Windows RPC



135/tcp is the RPC portmapper, the other ports are probably services


using RPC (1025/tcp might be task scheduler, 1026/tcp w32time, etc.).


Use "netstat -anb" to find out what process is listening on each of


these ports.



cu


59cobalt



-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


Received on Mon May  1 00:50:38 2006