On some UNIX machines, creating a TCP connection to this port will dump the active
processes and who launched them. This reveals a wealth of information about the
machine's structure and user accounts, which can be used to later hack the
system.
Port Scanning is one of the most popular reconnaissance techniques hackers use to
discover services they can break into. A potential victim computer runs many
'services' that listen at well-known 'ports'. By scanning which ports are
available on the victim, the hacker finds potential weaknesses that can be
exploited.
no service finger
no service pad
no service udp-small-servers
no service tcp-small-servers
no ip bootp server
In some access list on the external interface:
deny tcp any any eq 15 log
deny udp any any eq 15 log
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED]
Sent: Tuesday, January 16, 2001 9:05 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Netstat
Peter,
Netstat used to be assigned to port 15, so I'd guess denying access inbound on your Internet connection for tcp and udp on port 15 should do it.
-- Bill Stackpole, CISSP
[EMAIL PROTECTED] (iNeTalk.com - Peter Fung)
Sent by: [EMAIL PROTECTED] 01/16/01 01:45 AM
Please respond to "Peter Fung"
To: <[EMAIL PROTECTED]>
cc:
Subject: Netstat
Does anyone have experience setting an access list on a Cisco router to deny
the netstat feature from the Internet to the internal network?
Thanks
Peter
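
An added example, not part of any message in this thread: a small Python check that reads router configuration text and reports which of the hardening commands listed in the reply are absent, and whether an extended ACL entry denies destination port 15 for TCP and UDP. The ACL name INBOUND and the sample configuration are constructed for illustration.

```python
# Added example: audit IOS config text for the settings named in this thread.
REQUIRED = [  # hardening commands quoted in the reply above
    "no service finger",
    "no service pad",
    "no service udp-small-servers",
    "no service tcp-small-servers",
    "no ip bootp server",
]

def _skip_addr(tok, i):
    # Address spec is "any" (1 token) or "host A" / "A WILDCARD" (2 tokens).
    return i + 1 if i < len(tok) and tok[i] == "any" else i + 2

def denied_proto(line, port=15):
    """Return 'tcp' or 'udp' if the ACL entry denies destination `port`."""
    tok = line.split()
    if tok[:1] == ["access-list"]:
        tok = tok[2:]                      # numbered form: drop "access-list N"
    if len(tok) < 4 or tok[0] != "deny" or tok[1] not in ("tcp", "udp"):
        return None
    i = _skip_addr(tok, 2)                 # source address
    if tok[i:i + 1] == ["eq"]:
        i += 2                             # source-port match, skip over it
    i = _skip_addr(tok, i)                 # destination address
    return tok[1] if tok[i:i + 2] == ["eq", str(port)] else None

def audit(config_text):
    lines = [ln.strip() for ln in config_text.splitlines() if ln.strip()]
    missing = [cmd for cmd in REQUIRED if cmd not in lines]
    denied = {denied_proto(ln) for ln in lines} - {None}
    return {"missing": missing,
            "port15_not_denied": sorted({"tcp", "udp"} - denied)}

# Constructed sample; the ACL name INBOUND is hypothetical.
SAMPLE = """\
no service finger
no service pad
service tcp-small-servers
no ip bootp server
ip access-list extended INBOUND
 deny tcp any any eq 15 log
 deny udp any eq 15 any
 permit ip any any
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The check matches only `eq` entries and does not verify that the ACL is applied inbound on the external interface or that no earlier permit shadows it. A command reported as missing is only absent from the text; whether the service is actually on depends on the release's defaults.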
