Hi I just purchase a Windows 2008 server and add a new administrator user and I have also disable the main administrator....and I have a firewall and everything but the ports opened that are open on my server are of concern to me...when I first did a nmap scan there were only three ports uh let me see if I can remember this right....It was port 3389 which is RDP and its filtered then 5904 which is the vnc port that I connect to and last I think it was the either 111 rcbind or 19 filtered chargen....and than a few minutes ago I did another scan while I was connected to the server through vnc and these all came up most of them are vnc for some reason not sure.....
19/tcp filtered chargen
22/tcp open ssh
111/tcp open rpcbind
3389/tcp filtered ms-wbt-server
5902/tcp open vnc-2
5904/tcp open unknown
6000/tcp open X11
6006/tcp open X11:6
6156/tcp open unknown
I would like to close all port that aren't necessary like ssh cause I am not useing it 19 and 111 if possible I also don't understand why 3389 RDP is filtered if I am using vnc to connect and all why is all those other port for vnc open all of a sudden doo I have a security breach??
1 Response
https://benchmarks.cisecurity.org/downloads/show-single/?file=windows2008R2.210
hf
Share Your Thoughts