"Vince Mulhollon" <[EMAIL PROTECTED]> writes: > Good Morning, > > To find out what services run on what ports, theres a couple fairly easy > ways.
[snip ... ] > 2) Run a nmap on your machine and look at the results. If you already have > filtering rules, you probably need to run that from the "outside" or from > another machine. The debian package is creatively named "nmap" and you > probably want to run something like "nmap whatevermy.ip.address.is" > > Heres an example of nmap, run on a purely internal, yet semi secure host > via 10 meg ethernet. Obivously would be a wee bit slower over a 56K modem. > In the example below, SSH, NFS (sunrpc), and X11, and email (smtp) are > open. I have no idea what right off hand why something is running on ports > 750, 775, and 1024. I suppose I should look into that. > > nmc:~$ nmap -p 1-65535 vlm-jr > > Starting nmap V. 2.12 by Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap/) > Interesting ports on (89.87.103.63): > Port State Protocol Service > 22 open tcp ssh > 25 open tcp smtp > 111 open tcp sunrpc > 750 open tcp kerberos > 775 open tcp entomb > 1024 open tcp unknown > 2049 open tcp nfs > 6000 open tcp X11 Note that if you are running ssh you almost certainly don't want X11 to be listening (pass the "-nolisten tcp" option to X when it starts). > Nmap run completed -- 1 IP address (1 host up) scanned in 67 seconds > > Read the man page for nmap and understand it, before you use it, or you'll > merely shoot yourself in your foot. > > 3) Try something like "netstat -a | more" That should tell you exactly > what is running on what port, in addition to what connections are open at > any given time. "netstat -l" is probably more useful. Also if you want to know "what" is running services you find running on your machine you'll need to do something like... fuser -vn tcp 755 ...which will show you which program has that port open. -- # James Antill -- [EMAIL PROTECTED] :0: * ^From: [EMAIL PROTECTED] /dev/null
