total listening ports #164

Closed
dvdknaap opened this issue Mar 23, 2016 · 3 comments

Comments

@dvdknaap
Contributor

In the 'System Linux Recommendations' section I get the following messages:
[--] There is 27 listening port(s) on this server.
[!!] There is too many listening ports: 27 > 10

What do you guys want to tell with this: the total listening ports, the IPv4/IPv6 listening ports, or the internal listening ports?

If I check the source, it's using the following function to retrieve these ports:

sub get_opened_ports {
    my @opened_ports = `netstat -ltn`;
    map {
        s/.*:(\d+)\s.*$/$1/;
        s/\D//g;
    } @opened_ports;
    @opened_ports = sort { $a <=> $b } grep { !/^$/ } @opened_ports;
    debugprint Dumper \@opened_ports;
    return @opened_ports;
}

I'm not a Perl developer, but from what I understand it uses every row that it receives, so in my case you get 27 ports because there are internal listeners on 127.0.0.1 and I have listeners for both IPv4 and IPv6.

In my case I get the following ports (27 in total):

[root@server MySQLtuning]# netstat -ltn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:3310          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:783           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN     
tcp        0      0 externalIp1:53        0.0.0.0:*               LISTEN     
tcp        0      0 externalIp2:53        0.0.0.0:*               LISTEN     
tcp        0      0 externalIp2:53        0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:9022            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:4190            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN     
tcp6       0      0 :::587                  :::*                    LISTEN     
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::465                  :::*                    LISTEN     
tcp6       0      0 :::21                   :::*                    LISTEN     
tcp6       0      0 :::25                   :::*                    LISTEN     
tcp6       0      0 ::1:953                 :::*                    LISTEN     
tcp6       0      0 :::443                  :::*                    LISTEN     
tcp6       0      0 :::9022                 :::*                    LISTEN     
tcp6       0      0 :::9222                 :::*                    LISTEN     

So maybe it's better to filter these results, because if I remove the 127.0.0.1 (internal) ports and count the unique ports I get 11 ports:
587 (new email port)
110 (email port)
143 (email port)
465 (email port)
53 (DNS port)
21 (ftp port)
25 (old email port)
22 (ssh port)
4190 (dovecot port)
993 (email port)
995 (email port)

So the ports are pretty default, so maybe it's useful to add a filter and only count the unique ports?
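
The filter suggested in the comment above, as an added example that is not part of the original issue or of MySQLTuner's code: it counts each port once across IPv4 and IPv6 and ignores listeners bound only to loopback. The `exposed_ports` name and the sample `netstat -ltn` output are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not MySQLTuner code): return the unique TCP ports that
# listen on a non-loopback address, given the lines of `netstat -ltn`.
sub exposed_ports {
    my @lines = @_;
    my %seen;
    for my $line (@lines) {
        # Socket rows look like: proto, Recv-Q, Send-Q, local address, ...
        my ($proto, undef, undef, $local) = split ' ', $line;
        next unless defined $local && $proto =~ /^tcp6?$/;   # skips headers
        # The port follows the last colon (works for IPv4 and IPv6).
        my ($addr, $port) = $local =~ /^(.*):(\d+)$/ or next;
        # Loopback listeners (127.0.0.0/8 and ::1) are not network-reachable.
        next if $addr =~ /^127\./ || $addr eq '::1';
        $seen{$port} = 1;    # hash key de-duplicates tcp/tcp6 and multi-IP binds
    }
    return sort { $a <=> $b } keys %seen;
}

# Constructed sample output (documentation addresses, not taken from the issue).
my @sample = split /\n/, <<'EOF';
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:53           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp6       0      0 :::25                   :::*                    LISTEN
tcp6       0      0 ::1:953                 :::*                    LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
EOF

my @ports = exposed_ports(@sample);
my $rows  = grep { /^tcp/ } @sample;    # what a per-row count would report
printf "%d listening rows, %d unique non-loopback ports: %s\n",
    $rows, scalar @ports, join(', ', @ports);
```

`netstat -ltn` lists TCP listeners only, so UDP services would need `netstat -lun` passed through the same kind of filter with the protocol match adjusted.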

jmrenouard added a commit that referenced this issue Mar 23, 2016
@jmrenouard
Collaborator

OK, patch pushed in 1.6.8.
This test is performed with the maxportallowed option set.

@dvdknaap
Contributor Author

Thanks for the update. I made one notice for a small fix; I hope you don't mind.

#164 removing by default check for 10 opened ports. option maxallowed port added for this case.

jmrenouard added a commit that referenced this issue Mar 24, 2016
@jmrenouard
Collaborator

@Dutchprogrammer
Message changed in code.
