# How did all of these ports get open on my machine??



## Fahrvergnuugen (Jul 26, 2002)

I just did a port scan on my G4:

Port Scanning host: 127.0.0.1

	 Open Port: 	21		ftp
	 Open Port: 	22		ssh
	 Open Port: 	23		telnet
	 Open Port: 	80		http, www-http, www
	 Open Port: 	113		auth, tap, ident
	 Open Port: 	139		netbios-ssn
	 Open Port: 	427		svrloc
	 Open Port: 	548		afpovertcp
	 Open Port: 	554		rtsp
	 Open Port: 	901		swat
	 Open Port: 	1033
	 Open Port: 	1220
	 Open Port: 	3306
	 Open Port: 	7070
	 Open Port: 	8000
	 Open Port: 	8001


21, 22, 23, 80, 113 and 554 I was expecting [ie, I intenionally set those services up]

What the heck are all these other ports and how do I shut them off??


----------



## uoba (Jul 27, 2002)

to get a firewall on there!

Especially if your ftp and telnet ports are open (make sure ftp access is off in System Prefs in this case).

Either Impasse (the one I use, from glucose), Brickhouse would do the job (they implement OSX's own inbuilt firewall, ipfw.


----------



## Fahrvergnuugen (Jul 27, 2002)

no. The last thing I want is a firewall. I WANT ftp and telnet to be open, as I said before, I intentionally opened these ports. its all the other ones that I'm confused about...they were not open when I first installed OSX....


----------



## macmasta (Apr 16, 2004)

Open Port: 548 afpovertcp

this is the port for AFP (Apple File Protocoll). if you don't like to have this one opened up, just turn off file Personal File Sharing in the sharing prefs tab.


----------



## michaelsanford (Apr 16, 2004)

Yeah exactly get a firewall and open those ports. If you configure ipfw in the Sys Prefs Sharing tab it'll keep your services open but close the rest.

PS What did you use to port scan ?


----------



## Darkshadow (Apr 16, 2004)

Network Utility will do!  /Utilities/Network Utility - just put in localhost for the host to scan.


----------



## michaelsanford (Apr 16, 2004)

Wow, I use nmap so much I forgot about Network Utility


----------



## scruffy (Apr 17, 2004)

to find out what programs have what ports open, you could use:
lsof -i
You have to run that command as root to see every program, so that would be:
sudo lsof -i


----------

