Hallo to everyone on the list. It is my first message in a while.
I have recently changed my internet provider as i have moved. My
previous provider was a DSL provider and the current one is the local
cable operator.Now with current provider port 80 is shown open in every
port scan test , all
Am 30.03.2011 10:36, schrieb Partha Chowdhury:
I have recently changed my internet provider as i have moved. My
previous provider was a DSL provider and the current one is the local
cable operator.Now with current provider port 80 is shown open in every
port scan test , all other ports being
On Wed, 2011-03-30 at 14:06 +0530, Partha Chowdhury wrote:
Now with current provider port 80 is shown open in every
port scan test
This is usually caused by a transparent proxy. When nmap hits port 80,
it will get redirected to the proxy server. Try doing an nmap -sV and
you'll see what
On Wed, 30 Mar 2011 14:06:48 +0530, Partha Chowdhury wrote:
Output from lsof:
sudo /bin/lsof -i
COMMANDPID USER FD TYPE DEVICE SIZE NODE NAME
pdnsd 1207 nobody4u IPv4 2434 TCP localhost:domain
(LISTEN)
pdnsd 1207 nobody5u IPv4 2435 UDP
On 30/03/11 14:16, Thomas Bächler wrote:
Am 30.03.2011 10:36, schrieb Partha Chowdhury:
sudo /sbin/iptables-save
# Generated by iptables-save v1.4.7 on Wed Mar 30 13:59:44 2011
*filter
:INPUT DROP [2844:282816]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [:990098]
-A INPUT -i lo -j ACCEPT
-A INPUT
On Wed, 2011-03-30 at 15:45 +0530, Partha Chowdhury wrote:
So it seems my ISP is running squid version 3.2.0.4-20110203 in
transparent mode , just like you said.
Interestingly when connecting to random ip addresses on port 80, the
error page returned is quite different from normal ones.
I give up trying to understand this.
Initially you were complaining about port 80 being open on your host,
you gave us a list of open ports - not an nmap of another host.
So now a transparent proxy is the concern?
On Wed, 30 Mar 2011 15:45:18 +0530, Partha Chowdhury wrote:
nmap -sV
On 30/03/11 15:58, Jan de Groot wrote:
The threat here is that your ISP will log every page visit you do and
also has the ability to block certain websites.
The only thing you can do is setting up a tunnel or using a different
proxyserver that you trust.
Doesn't every ISP keeps logs of what
Am 30.03.2011 12:15, schrieb Partha Chowdhury:
Well I picked this configuration from Red Hat training books, except for
port 54215 which I open for bit torrent.
What do you suggest about the ideal iptables configuration for basic
desktop user -
This comes with our iptables package:
$ cat
Am 30.03.2011 12:48, schrieb Partha Chowdhury:
The threat here is that your ISP will log every page visit you do and
also has the ability to block certain websites.
Doesn't every ISP keeps logs of what sites its customers are visiting
for a certain amount of time ?
If you live in China, yes.
On Wed, 30 Mar 2011 16:18:47 +0530, Partha Chowdhury wrote:
initially I wanted to know why port 80 is shown open on my machine
and i gave the lsof output to show that no service was listening to
port 80 on my machine. The nmap output of the ip - that is my public
ip at the moment ( got that by
On 03/30/2011 11:04 AM, Simon Perry wrote:
I think you're confused.
That's essentially a netstat, I can't see where you have 80 open on
your IP of 172.16.37.164.
It just shows you have a connection *to* port 80 to an Akamai host (a
common provider of localised content used by many
On 30/03/11, Jakob Gruber wrote:
| Off topic, but your mails always break list threads. Please fix your
| client to make reading these lists easier for everyone :)
Am I doing it right? :)
(using mutt v Roundcube)
--
Simon Perry (aka Pezz)
[ s a n x i o n . n e t ]
On 03/30/2011 02:51 PM, Simon Perry wrote:
On 30/03/11, Jakob Gruber wrote:
| Off topic, but your mails always break list threads. Please fix your
| client to make reading these lists easier for everyone :)
Am I doing it right? :)
(using mutt v Roundcube)
Perfect, thanks.
On 30/03/11 16:40, Richard Schütz wrote:
The output of ip addr show would be interesting.
here is the output:
ip addr show
1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0:
On 30/03/11 14:20, Jan de Groot wrote:
This is usually caused by a transparent proxy. When nmap hits port 80,
it will get redirected to the proxy server. Try doing an nmap -sV and
you'll see what software is running on the proxyserver.
While googling for ways of detecting transparent proxy
Excerpts from Thomas Bächler's message of 2011-03-30 12:57:45 +0200:
Am 30.03.2011 12:48, schrieb Partha Chowdhury:
The threat here is that your ISP will log every page visit you do and
also has the ability to block certain websites.
Doesn't every ISP keeps logs of what sites its
On Wed, 2011-03-30 at 17:27 +0200, Philipp Überbacher wrote:
If you live in a civilized country in Europe data retention either is
already in place or will be rather soon. The US might have a different
approach but I doubt the net result is much different.
Those regulations are about email
On 30/03/11 19:38, Thomas Bächler wrote:
You cannot hide yourself on the internet. If you were offline, the
next router would reply that your machine is unreachable. By not
answering, you not only tell the attacker that you are online, you
also tell him that you don't know shit about
Excerpts from Jan de Groot's message of 2011-03-30 17:52:00 +0200:
On Wed, 2011-03-30 at 17:27 +0200, Philipp Überbacher wrote:
If you live in a civilized country in Europe data retention either is
already in place or will be rather soon. The US might have a different
approach but I doubt
Am 30.03.2011 18:22, schrieb Philipp Überbacher:
I doubt that: The Directive as adopted covers fixed telephony, mobile
telephony, Internet access, Internet email and Internet telephony.
http://en.wikipedia.org/wiki/Telecommunications_data_retention#European_Union
It only covers connection data
21 matches
Mail list logo
