On Tue, 20 Mar 2001, Hans Scheffers wrote:

> I have done an out-of-the-box install of redhat 7, this doesn't work
> anymore with inet.d but with xinetd.d

redhat 7 has ditched inetd and uses xinetd, yep. i wrote some docs for
xinetd in the march issue of linux journal.

> When I do a portscan on the system with nmap I get the following result:
> nmap -sS localhost

many open ports snipped ...

this is weird, and you shouldn't have seen it from what i can tell.
nmap's SYN scan (which you did) uses the RST == closed, SYN|ACK == open,
and (none) == filtered rule, ISTR, in making its decisions about a port
status. also, nmap, to conserve on speed, will by default only scan a
handful of ports, not all 65000.

is it possible you have a firewall installed? that would explain things.
is it possible your routing is messed up? that may explain things, though
...

as long as you have access to the machine, do a few things. netstat -na,
lsof -i, and the like will tell you about listening ports. i doubt a fresh
install a) is compromised out of the box (only soon after), and b) has
that many ports really open.

also, try an nmap connect() scan (the default type) to the machine from
another machine.

____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
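
An added example (not part of the original message): one way to do the cross-check suggested above, comparing the listeners shown by `netstat -na` with the ports nmap reports as open. The sample outputs are constructed, the function names are hypothetical, and the parser assumes Linux-style `netstat -na` columns.

```python
import re

# Constructed sample of `netstat -na` output (not from the original post).
NETSTAT_SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           192.0.2.50:40122        ESTABLISHED
udp        0      0 0.0.0.0:68              0.0.0.0:*
"""

# Constructed sample of an nmap port table (not from the original post).
NMAP_SAMPLE = """\
Port       State       Service
22/tcp     open        ssh
25/tcp     open        smtp
79/tcp     open        finger
111/tcp    filtered    sunrpc
"""

def listening_tcp_ports(netstat_text):
    """Return the set of TCP ports that have a socket in LISTEN state."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith("tcp") and f[5] == "LISTEN":
            ports.add(int(f[3].rsplit(":", 1)[1]))  # port follows the last ':'
    return ports

def nmap_open_ports(nmap_text):
    """Return the set of TCP ports that nmap listed with state 'open'."""
    ports = set()
    for line in nmap_text.splitlines():
        m = re.match(r"\s*(\d+)/tcp\s+(\S+)", line)
        if m and m.group(2) == "open":
            ports.add(int(m.group(1)))
    return ports

def compare(netstat_text, nmap_text):
    """Split ports into confirmed, open-without-listener, and unreported."""
    listening, reported = listening_tcp_ports(netstat_text), nmap_open_ports(nmap_text)
    return {
        "confirmed": sorted(listening & reported),
        "open_without_listener": sorted(reported - listening),
        "listening_not_reported": sorted(listening - reported),
    }

if __name__ == "__main__":
    print(compare(NETSTAT_SAMPLE, NMAP_SAMPLE))
```

Ports in `open_without_listener` are the ones to chase: nothing on the host is listening, so the answer nmap saw came from something else on the path, such as a firewall or a routing problem.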