[SOLVED] Open Ports on standard PVE install

gctwnl

Aug 24, 2022
When I ask nmap what is open on my PVE host, it tells me:
Code:
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
3128/tcp open  squid-http
8007/tcp open  ajp12
22 and 8007 I understand (8007 because PBS is also running on that system).

But what I do not understand is that 8006 is not reported by nmap (more an nmap thing, I guess), while it is there that we can access the admin GUI:
Code:
gerben@hermione% nc -v -z pve.rna.nl 8006       
Connection to pve.rna.nl port 8006 [tcp/*] succeeded!
What I would like to know is:
  • Why is TCP 111 open (according to the documentation, it should be only-UDP 111) and what is 111 for anyway? Do I need it with a single PVE machine?
  • 3128 is a SPICE proxy. My guess is this is needed for the Shell of the PVE host and Console of the VM clients from the Web GUI. Correct?
 
First thought: are you sure you scanned the correct machine? Verify/compare the IP address...
 
First thought: are you sure you scanned the correct machine? Verify/compare the IP address...
Yes. 100%.
Code:
gerben@hermione% ssh user@hostscannedbynmap
user@hostscannedbynmap's password:
Linux pve 5.15.85-1-pve #1 SMP PVE 5.15.85-1 (2023-02-01T00:00Z) x86_64
 
But what I do not understand is that 8006 is not reported by nmap (more an nmap thing, I guess), while it is there that we can access the admin GUI:
How did you scan (what command)? Without port specification, nmap will only scan a few known ports, not everything.
 
How did you scan (what command)? Without port specification, nmap will only scan a few known ports, not everything.
That will be it. The fact that 8007 was scanned but 8006 was not made me assume all ports were scanned (what the heck is 8007...). I've been unable to find out what the 'interesting ports' list is.
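 
Added example, not part of the original thread: without a port specification nmap probes the 1,000 most common ports per protocol, ranked by the open-frequency column of its nmap-services file, so the sketch below ranks such a file and checks whether a port makes the cut. The function names are hypothetical and the sample frequencies are constructed; on a real system the file is typically at /usr/share/nmap/nmap-services (an assumption about your install).

```shell
#!/bin/sh
# nmap-services line format: <service> <port>/<proto> <open-frequency> [# comment]

# Constructed sample in that format; the frequencies are made up for the demo.
sample_services() {
    cat <<'EOF'
# service   port/proto  open-frequency
ssh         22/tcp      0.18
rpcbind     111/tcp     0.03
rpcbind     111/udp     0.09
squid-http  3128/tcp    0.0045
ajp12       8007/tcp    0.0003
unknown     8006/tcp    0.00007
EOF
}

# top_ports PROTO N  (services data on stdin)
# Prints the N port numbers with the highest open-frequency, one per line.
top_ports() {
    awk -v proto="$1" '
        /^#/ || NF < 3 { next }          # skip comments and malformed lines
        { split($2, pp, "/") }           # "8006/tcp" -> pp[1]=8006, pp[2]=tcp
        pp[2] == proto { print $3, pp[1] }
    ' | sort -k1,1nr -k2,2n | head -n "$2" | awk '{ print $2 }'
}

# in_top_ports PROTO N PORT  (services data on stdin)
# Exit status 0 if PORT is among the top N for PROTO, non-zero otherwise.
in_top_ports() {
    top_ports "$1" "$2" | grep -qx "$3"
}

# Demo on the constructed sample with N=4 standing in for nmap's default 1000.
for p in 8006 8007; do
    if sample_services | in_top_ports tcp 4 "$p"; then
        echo "$p/tcp: inside the top 4, a default-style scan probes it"
    else
        echo "$p/tcp: outside the top 4, scan it with -p $p or -p-"
    fi
done
```

Against a real install, run `top_ports tcp 1000 < /usr/share/nmap/nmap-services` to see the default list; `nmap -p 8006 <host>` or `nmap -p- <host>` covers ports that fall outside it.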