OpenBSD has open ports in default installation

Posted by celil on Server Fault See other posts from Server Fault or by celil
Published on 2011-01-09T20:59:10Z Indexed on 2011/01/09 21:55 UTC
Read the original article Hit count: 280

I have been considering replacing Ubuntu with OpenBSD to improve the security on my local server. I need to have ssh access to it, and I also need it to serve static web content - so the only ports I need open are 22 and 80.

However, when I scan my server for open ports after installing OpenBSD 4.8, and enabling ssh and http at /etc/rc.conf

httpd_flags=""
sshd_flags=""

I discovered that it had several other open ports:

Port Scan has started…

Port Scanning host: 192.168.56.102

     Open TCP Port:     13          daytime
     Open TCP Port:     22          ssh
     Open TCP Port:     37          time
     Open TCP Port:     80          http
     Open TCP Port:     113         ident

ssh (22) and http (80) should be open as I enabled httpd and sshd, but why are the other ports open, and should I worry about them creating additional security vulnerabilities? Should they be open in a default installation?

© Server Fault or respective owner

Related posts about security

Related posts about tcp