42433

should 42433 and 42432 be left open for dolphin?

no dolphin only needs ports open for rms servers .... 

Where did you get those port numbers from ?

67.228.245.248 is connecting to my server on those ports.

Those ports are not used by dolphin, or the RMS server for dolphin. In fact, dolphin is just a script that runs in a web server, and your web server uses port 80.

Those ports (42432 and 42433) are commonly used for iTunes Radio streams.

I would say leave them closed. If you have never run a server before, then prepare your self for more of that. Hackers constantly scan servers for open ports for a variety of different reasons. It's something you will have to get used to.

deano:

thanks for the reply.  the ports mentioned were shown in netstat to be connecting to 67.228.245.248 ...which resolves to bonex.com, not some "script kiddies"....

so while i do not claim to be an expert at running a server, or anything for that matter, i just wanted to make sure that i wasn't defeating the license mechanism and making a mess of the script.  That being said, what appears to be happening is that when the dashboard is refreshed the netstat result is :

tcp        0      0 69.64.47.25:42742       67.228.245.248:80       TIME_WAIT  

tcp        0      0 69.64.47.25:42741       67.228.245.248:80       TIME_WAIT  

i just hadn't realized the cause...  obviously nothing to worry about... but always great to get help when i  am not sure if i should worry, as it is better to be safe than sorry...

cheers and thanks...

In fact, you should drop connections to all ports on your server and then open only the ports you need.

However, you first make sure that you open the SSH port (usually 22 but can be something else, make sure) to you; if you have a dynamic IP address you are going to have to leave that port fully open.  Of course you are going to use a long difficult password to connect to your server SSH port; upper and lower characters, numerals, and symbols.  If you close all ports before setting the SSH port open you will lock yourself out of your server.  Don't have the firewall loading at boot time until you are sure about the rules; that way you can reboot the server and it will boot with the firewall down and you can get back in.

You need to open http and https (if you are going to run any secure socket layers), maybe ftp; however, you can leave that closed and do your work through port 22;    There are other ports you may or may not want to open, for example ports for ftp.  Oh, don't forget to put the loopback rule in your firewall.

thanks Geek_girl