31337/tcp open Elite

the following is the output when I nmap. I need help on 31337/tcp open Elite. is this required for my plone install. how do i remove this. is my server compromised. any solution?

ssp@mail:~$ nmap

Starting Nmap 6.40 ( http://nmap.org ) at 2016-03-21 23:06 IST
Nmap scan report for mail.kousalam.com (
Host is up (0.00093s latency).
Not shown: 988 closed ports
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
80/tcp open http
110/tcp open pop3
143/tcp open imap
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
8080/tcp open http-proxy
31337/tcp open Elite

Nmap done: 1 IP address (1 host up) scanned in 0.46 seconds

No. Plone usually uses only a single (configurable) port; if you use ZEO, an additional port is used. For everything else, you need special configuration.

A service called Elite with a port that spells LEET
very suspicious!!! Do you have a firewall configured?
It looks like you do not.

In its most common configuration (with a reverse proxy like Apache or Nginx), Plone does not need or use any externally accessible ports. Even in a complex, server-cluster configuration, Plone's ports should only be accessible to machines that are part of the cluster.

And, pigeonflight is right on target on Elite/LEET. That needs serious investigation.

This is not just common configuration, it is actually recommended security practice to firewall your Plone installations.

31337/tcp open Elite means your server has been compromised and is running a rogue service, period. http://www.speedguide.net/port.php?port=31337

Nuke from high orbit, is the standard advice in that situation. Meaning: backup your Plone database and rebuild the server from scratch. YMMV.

You need to read up on how to secure any server you make available on the open internet. Or use someone who knows how to do that for you. I use the Linode.com service and it has lots of tutorials on how to make a server more secure.