Thanks for pinting this out... portsentry is also installed and indeed does
open up these ports for nmap....
so it looks better now when i disable portsentry.
So the new question will be:
is it good to have portsentry show all these ports? In the conf of
portsentry, every host doing a scan is blocked, but could there be an
exploit used that bypasses portsentry?
Thanx so far
Hans
BTW; 3 ports are still opened that makes me curious:
113 - auth
139 - netbios-ssn
515 - printer
are they needed or should I disable them (and most of all.. how??? they're
not in my xinetd.conf)
--
Hans Scheffers ICQ: 83328340
mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
http://www.jiffie.nl/rottweiler_actie
http://communities.msn.com/stophetfokverbodagressievehonden
<http://www.communities.msn.com/stophetfokverbodagressievehonden>
"Das mir der Hund das Liebste sei, sagst du, mein Freund, sei Sünde
Der Hund ist mir im Sturme treu der Mensch nicht mal im Wind!"
-----Oorspronkelijk bericht-----
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Namens Jeroen Geusebroek
Verzonden: dinsdag 20 maart 2001 16:23
Aan: Magic Phibo
CC: [EMAIL PROTECTED]
Onderwerp: RE: Redhat 7.0:Securing system
> The ports 12345, 31337 and so on in your nmap output are DEFINITELY
> not default for a RH 7.0 installation out of the box !
Couldn't this be the result from a PortSentry installation on the RH7
machine? (I don't know if this could be installed out if the box)
Regards,
Jeroen Geusebroek
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
