Re[2]: [newbie] Noob question of the day
HB> Ok now I know more than I did do you know of a reference that lists all HB> ports and their use? Whoops, forgot my favorite one: http://ports.tantalo.net/ It's searchable and includes a lot of unofficial port usages. __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re[2]: [newbie] Noob question of the day
On 7/21/2004 at 8:20 AM, Hoyt Bailey ([EMAIL PROTECTED]) wrote: HB> Ok now I know more than I did do you know of a reference that lists all HB> ports and their use? IANA maintains a listing of the well known port numbers, a short description, and who registered them at http://www.iana.org/assignments/port-numbers. NetworkSorcery also maintains a list, with hyperlinks to more detailed descriptions of services at http://www.networksorcery.com/enp/protocol/ip/ports0.htm The problem is that services that use relatively arbitrary port numbers (for example, webmin uses 1 even though it is not registered) will be harder to find out. There is a command that I've posted here before that will show what processes are using what ports on your system. Hopefully someone else can post it because it escapes me at the moment :) __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re[2]: [newbie] Noob question of the day
HB> Ok I don't pretend to understand but mine are different can you explain HB> the relevance: HB> [EMAIL PROTECTED] hoyt]$ nmap localhost -p 0-65535 HB> WARNING: Scanning "port 0" is supported, but unusual. HB> Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-07-17 08:26 HB> CDT HB> Interesting ports on localhost (127.0.0.1): HB> (The 65528 ports scanned but not shown below are in state: closed) HB> PORT STATE SERVICE HB> 25/tcpopen smtp HB> 111/tcp open rpcbind HB> 631/tcp open ipp HB> 783/tcp open hp-alarm-mgr HB> 921/tcp open unknown HB> 6000/tcp open X11 HB> 10026/tcp open unknown HB> 32768/tcp open unknown Hi Hoyt, nmap is a tool that scans open ports on your (or someone else's computer). As a quick refresher, these tcp ports are how other people access your computer's services (and how you access other's. For example, when you open a web browser to www.cisco.com, the browser is connection to port 80 of www.cisco.com, which is the HTTP port. I asked for this information to find out why exactly he couldn't get there. THis information is useful to you too, however. For instance, you have port 25 open, which means that you are probably running a mail server such as postfix or sendmail (postfix is a default service in a default mandrake install). You also are running an X server (which is your KDE desktop), you are running CUPS (a print server, as indicated by port 631 (internet printing protocol) being open. __ Justin Grote Network Architect, CCNA The Whistlepunk Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re[2]: [newbie] Noob question of the day
MLE> Xinetd is best for low-volumn, fast loading services, not high volumn MLE> services. For a high trafic web site, xinetd would actualy use more MLE> resources the runnig Apache in the stand alone mode. MLE> One reasion for the delay is that xinetd checks /etc/hosts.allow and MLE> /etc/hosts.deny to see if the host is allowed to connect to the service, MLE> before loading the service. Justin <---retard I'm terribly sorry, I was strangely thinking of a separate traffic shaping daemon that co-exists with xinetd when I made this statement. You are very correct, Xinetd *by itself* should only be used for infrequent services since it instances a service per connection. Thank you for exposing me for the dirty liar I am :) __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re[2]: [newbie] Noob question of the day
EH> So, if i have xinetd and sshd running, is that duplicating services? Only if your xinetd configuration has sshd enabled under xinetd. If not, you can run xinetd and sshd simultaneously (since, like I said, xinetd is basically just a wrapper for services, and if sshd isn't enabled, it won't be served) EH> Or does xinetd intercept calls and then pass them to sshd? Yes, xinetd does intercept incoming connections and passes them to the *xinetd* version of sshd. If you have a standalone version of sshd running, it won't get the connections that are accepted by xinetd. I know this is confusing, but just remember that you can have multiple instances of the same server daemon running (think of it as multiple web browser windows open at the same time). __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re: Re[2]: [newbie] Noob question of the day
On Sat, 10 Jul 2004 18:19:29 -0600 Justin Grote disseminated the following: > wrapper ...speaking of wrapping, any way you could keep the line wrap under 80 columns? Easier to read for all involved. Otherwise, very informative, thanks! -- JoeHill RLU #282046 / www.orderinchaos.org 20:51:11 up 11 days, 23:22, 6 users, load average: 1.70, 1.52, 1.45 +++ "Wealth is the relentless enemy of understanding." -- John Kenneth Galbraith Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re[2]: [newbie] Noob question of the day
On 7/7/2004 at 10:13 PM, EE ([EMAIL PROTECTED]) wrote: E> What is xinetd? xinetd is an enhanced version of inetd (internet daemon), which is basically a wrapper for other internet daemons. You can use xinetd to run FTP, BIND, Apache, etc. The benefit as opposed to standalone is that since everything goes through xinetd, you can tweak it more. Xinetd allows you to customize network utilization, set priorities for certain daemons, and tons of other crap. If you're a desktop user (or even a small server operator), its usually better to run everything in standalone. However, for larger scale stuff xinetd is invaluable to allocating resources. I guess you could somewhat think of it as "nice" (the program) for networking, but the analogy breaks down from there :) __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature
Re: Re[2]: [newbie] Noob question of the day
On Wednesday 07 July 2004 09:12 pm, Justin Grote wrote: > On 7/7/2004 at 7:39 PM, Michael Holt ([EMAIL PROTECTED]) wrote: > > > Alternatively, you can type: > > nmap localhost -p 0-65535 > > at the bash prompt (assuming you have it installed, urpmi nmap if not). > and it will tell you what ports you have open. If you do it without the > -p command, it will only scan well-known ports, but it will be much > faster. This is a good thing to do before you chkconfig so you don't > accidentally turn off a vital system service (not that there are any, I > can't think of anything that you can turn off and not have the kernel at > least come to a shell) > Below is the result of the nmap command scanning ports 1-65535, I don't see 21, 23 or 80 anywhere. So, where are these port scan sites picking up those three, from my modem? Interesting ports on localhost.localdomain (127.0.0.1): (The 65524 ports scanned but not shown below are in state: closed) Port State Service 25/tcp opensmtp 53/tcp opendomain 111/tcpopensunrpc 631/tcpopenipp 645/tcpopenunknown 783/tcpopenhp-alarm-mgr 886/tcpopenunknown 953/tcpopenrndc 6000/tcp openX11 8666/tcp openunknown 1/tcp opensnet-sensor-mgmt Nmap run completed -- 1 IP address (1 host up) scanned in 11 seconds [EMAIL PROTECTED] chris]$ -- Chris Registered Linux User 283774 http://counter.li.org 9:40pm up 9 days, 2:59, 3 users, load average: 0.66, 0.83, 0.82 Time goes, you say? Ah no! Time stays, *we* go. -- Austin Dobson Live - From Virgin Radio UK The Rolling Stones - Brown Sugar Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
Re[2]: [newbie] Noob question of the day
On 7/7/2004 at 7:39 PM, Michael Holt ([EMAIL PROTECTED]) wrote: MH> ? chkconfig --list will tell you all the services you have running; it MH> just puts the xinetd stuff at the bottom of the list. >> Thanks, and if 'xinetd' isn't running? I remember being advised to shut >> that down also quite awhile ago, just can't remember who advised me. Alternatively, you can type: nmap localhost -p 0-65535 at the bash prompt (assuming you have it installed, urpmi nmap if not). and it will tell you what ports you have open. If you do it without the -p command, it will only scan well-known ports, but it will be much faster. This is a good thing to do before you chkconfig so you don't accidentally turn off a vital system service (not that there are any, I can't think of anything that you can turn off and not have the kernel at least come to a shell) __ Justin Grote Network Architect, CCNA JWG Networks Email: [EMAIL PROTECTED] (remove nospam-) SMS: [EMAIL PROTECTED] (remove nospam-) Phone: (208) 631-5440 smime.p7s Description: S/MIME Cryptographic Signature