Page 508 - StudyBook.pdf
P. 508
492 Chapter 8 • Infrastructure Security: System Hardening
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:990 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1239 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1545 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2720 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2722 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3755 0.0.0.0:0 LISTENING
TCP 192.168.1.183:139 0.0.0.0:0 LISTENING
TCP 192.168.1.183:1545 69.20.127.139:80 ESTABLISHED
TCP 192.168.1.183:1547 0.0.0.0:0 LISTENING
TCP 192.168.1.183:1547 192.168.123.185:139 ESTABLISHED
TCP 192.168.1.183:80 91.121.16.109:3755 ESTABLISHED
4. Look closely at the top two entries. These indicate that both
ports 135 and 445 are open and listening for connections.
5. Now look at the very last entry. Notice that it shows that the
local machine 192.168.1.183 has an open port on 80 established
to 91.121.16.109. This indicates that someone has made a web
connection to this system.
6. Now spend some time looking through the rest of the list shown
here and the one that you have queried on your own computer.
If any of the ports look unusual or are unknown to you, you may
want to check out www.iana.org/assignments/port-numbers for a
list of port numbers and their corresponding service.
Enabling and Disabling Services and Protocols
When considering whether to enable and disable services and protocols in relation
to network hardening, there are extra tasks that must be done to protect the net-
work and its internal systems.As with the OSes and NOSes discussed earlier, it is
important to evaluate the current needs and conditions of the network and infras-
tructure, and then begin to eliminate unnecessary services and protocols.This leads
to a cleaner network structure, more capacity, and less vulnerability to attack.
www.syngress.com
