Monitoring open ports on RHEL 5

When using Red Hat Enterprise Linux 5 (RHEL 5), how can you monitor which ports are open on different servers to make sure someone hasn't compromised ports for other uses?

There isn't an easy and automated way to do this from a monitoring environment. Perhaps the best method is regular Nmap or Nessus scans of your hosts (though this has some risks and you will have to ensure that you set up both to scan in a non-intrusive manner) with the output compared a pre-defined baseline. Both tools will also generate a lot of network 'chatter' and if you have an IDS/IPS installed, then this will potentially look like an attack and generate false positives.

In the event your host may have been compromised there is also hardscan, a netstat replacement for scanning local ports, attempting a handshake and outputting the results. This can often help in identifying a host infected with a rootkit that has compromised ports open.

Related Resources

Expert Best Practices: Using Linux for Data Center Consolidation –SearchDataCenter.com
LinuxONE For Dummies –IBM

Dig Deeper on Linux servers

Oracle Linux DTrace raises excitement, wariness Oracle Linux DTrace has been ported from DTrace Solaris. Linux aficionados are excited but worried about its future in the hands of Oracle.

A complete guide to Unix-to-Linux migration This comprehensive guide details everything involved in a Unix-to-Linux migration, from porting applications to training staff to manage a Linux environment.

Linux-to-Unix migrations: Why, when and how to make the move Porting from Linux to Unix is not as common as the inverse, but there are reasons for making the move. In this tip, learn how to make the migration successful.

Using Ubuntu Linux with WINE An expert describes how to map Ubuntu Linux serial ports to the serial ports of a Windows application running in WINE.

Preserving app functions when porting to Linux Unix-Linux expert Ken Milberg explains that you can't preserve much when porting apps with platform-specific functions.

Requirements for porting to Linux Unix-Linux migration expert Ken Milberg explains the scheduling and preparation requirements for porting apps to Linux.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Data Center experts

View all Data Center questions and answers

Monitoring open ports on RHEL 5

A Linux security expert describes how to determine which ports are open in Red Hat Enterprise Linux 5 (RHEL 5) and how to figure out if your ports have been compromised by an attack.

Dig Deeper on Linux servers

Related Q&A from James Turnbull

OSSEC implementation in Windows

Solaris 10 Trusted Extensions vs. SELinux

Spamassassin and dspam on Postfix

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchWindowsServer

What admins need to know about Azure Stack HCI

How to manage Exchange hybrid mail flow rules

How to repair Windows Server using Windows SFC and DISM

SearchServerVirtualization

How to deploy graphics devices using Hyper-V DDA

Learn to integrate VMs and containers in your data center

Dockerfile commands for containerizing applications

SearchCloudComputing

Review these Azure Service Bus best practices

Instill cloud change management best practices

How much cloud does an IT disaster recovery plan need?

Related Resources

Dig Deeper on Linux servers

Related Q&A from James Turnbull

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.