On Wed, Feb 07, 2001 at 05:12:48PM -0500, Matthias G. Imhof wrote:
> Running lsof as root or various versions of netstat showed that portsentry
> owns
> these ports :-)
This is quite true. I remember now that I had the same issue come up when I
set up portsentry. If you run it in -tcp and/or -udp
On Wednesday 07 February 2001 19:57, Tom Breza wrote:
> Maybe u r runnign portsentry?
I dont think so, portsentry opens more ports!
>
> siaraX
>
> > Performing strobe or nmap on my system, I get, e.g., the following list:
> >
> > 79/tcp openfinger
> > 119/tcpopennntp
> > 143
On Wed, Feb 07, 2001 at 05:12:48PM -0500, Matthias G. Imhof wrote:
> Running lsof as root or various versions of netstat showed that portsentry owns
> these ports :-)
This is quite true. I remember now that I had the same issue come up when I
set up portsentry. If you run it in -tcp and/or -udp m
On Wednesday 07 February 2001 19:57, Tom Breza wrote:
> Maybe u r runnign portsentry?
I dont think so, portsentry opens more ports!
>
> siaraX
>
> > Performing strobe or nmap on my system, I get, e.g., the following list:
> >
> > 79/tcp openfinger
> > 119/tcpopennntp
> > 14
Running lsof as root or various versions of netstat showed that portsentry owns
these ports :-)
Thanks everyone for replying so quickly!
Matthias
--
**
* Matthias G.Imhof, Ph.D. phone: (540) 231 6004
* Matthias G. Imhof <[EMAIL PROTECTED]> [010207 15:32]:
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/tcp openfinger
> 119/tcpopennntp
> 143/tcpopenimap2
> 540/tcpo
Maybe u r runnign portsentry?
siaraX
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/tcp openfinger
> 119/tcpopennntp
> 143/tcpopenimap2
> 540/tcpopenuucp
I find the netstat program to be much more useful and accurate than nmap
when determining what ports are doing what on your system. For example:
# netstat -nlp | grep LISTEN
tcp0 0 0.0.0.0:515 0.0.0.0:* LISTEN
16891/lpd Waiting
tcp0 0 192.168
Matthias,
netstat -atp | less
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P--- L++>++$ E+ W+(-) N+ o? K?
w---()
!O !M !V PS+(++)>+ PE-(--) Y+>+ PGP t+>+
Hi,
netstat is your friend, especially the -p option ;-)
Regards,
Chris
Matthias G. Imhof wrote:
Performing strobe or nmap on my system, I get, e.g., the following list:
79/tcp openfinger
119/tcpopennntp
143/tcpopenim
Well, finger is probably running through inetd... Either that or you
are running that scanner detecter package that binds to every port
known in the universe.
Aaron
On Wed, 7 Feb 2001, Matthias G. Imhof wrote:
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/t
Performing strobe or nmap on my system, I get, e.g., the following list:
79/tcp openfinger
119/tcpopennntp
143/tcpopenimap2
540/tcpopenuucp
6667/tcp openirc
Running lsof as root or various versions of netstat showed that portsentry owns
these ports :-)
Thanks everyone for replying so quickly!
Matthias
--
**
* Matthias G.Imhof, Ph.D. phone: (540) 231 600
* Matthias G. Imhof <[EMAIL PROTECTED]> [010207 15:32]:
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/tcp openfinger
> 119/tcpopennntp
> 143/tcpopenimap2
> 540/tcp
Maybe u r runnign portsentry?
siaraX
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/tcp openfinger
> 119/tcpopennntp
> 143/tcpopenimap2
> 540/tcpopenuucp
I find the netstat program to be much more useful and accurate than nmap
when determining what ports are doing what on your system. For example:
# netstat -nlp | grep LISTEN
tcp0 0 0.0.0.0:515 0.0.0.0:* LISTEN
16891/lpd Waiting
tcp0 0 192.16
Matthias,
netstat -atp | less
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCS/CM>CC/IT d- s:+ a16 C++()>$ UL>$ P--- L++>++$ E+ W+(-) N+ o? K? w---()
!O !M !V PS+(++)>+ PE-(--) Y+>+ PGP t+>+
Hi,
netstat is your friend, especially the -p option ;-)
Regards,
Chris
Matthias G. Imhof wrote:
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/tcp openfinger
> 119/tcpopennntp
> 143/tcpopen
Well, finger is probably running through inetd... Either that or you
are running that scanner detecter package that binds to every port
known in the universe.
Aaron
On Wed, 7 Feb 2001, Matthias G. Imhof wrote:
> Performing strobe or nmap on my system, I get, e.g., the following list:
>
> 79/
Performing strobe or nmap on my system, I get, e.g., the following list:
79/tcp openfinger
119/tcpopennntp
143/tcpopenimap2
540/tcpopenuucp
6667/tcp openirc
On Tue, Feb 06, 2001 at 10:40:49PM -0600, Jason Arden wrote:
>
> I was just reading about daemon banners and how they show exactly what
> service is runing on what port... Version etc... like WU FTP ... blha
> lbha I was told that I can use TCPWRAPPERS to change this information?
>
> Can so
-BEGIN PGP SIGNED MESSAGE-
On Wednesday 07 February 2001 15:06, Petr Cech wrote:
> On Thu, Feb 01, 2001 at 07:36:39PM + , Robert Lazzurs wrote:
> > Yea, but should this not be something that is put through straight away,
> > should security update really have to wait with the rest of t
On Tue, Feb 06, 2001 at 10:40:49PM -0600, Jason Arden wrote:
>
> I was just reading about daemon banners and how they show exactly what service is
>runing on what port... Version etc... like WU FTP ... blha lbha I was told that I
>can use TCPWRAPPERS to change this information?
>
> Can som
-BEGIN PGP SIGNED MESSAGE-
On Wednesday 07 February 2001 15:06, Petr Cech wrote:
> On Thu, Feb 01, 2001 at 07:36:39PM + , Robert Lazzurs wrote:
> > Yea, but should this not be something that is put through straight away,
> > should security update really have to wait with the rest of
On Thu, Feb 01, 2001 at 07:36:39PM + , Robert Lazzurs wrote:
> Yea, but should this not be something that is put through straight away,
> should security update really have to wait with the rest of the packages?
yes. testing will wait, because of depends usually, not bugs. As unstable
goes hal
* Colin Phipps
| It's a crude hack but works well. I have a version for 2.4.x which I didn't
| get around to uploading yet. There may be a better patch around, it's awhile
| since I looked; I'd be interested to know if anyone finds a better way of
| detection.
libc hooks. I don't like playing
On Thu, Feb 01, 2001 at 07:36:39PM + , Robert Lazzurs wrote:
> Yea, but should this not be something that is put through straight away,
> should security update really have to wait with the rest of the packages?
yes. testing will wait, because of depends usually, not bugs. As unstable
goes ha
* Colin Phipps
| It's a crude hack but works well. I have a version for 2.4.x which I didn't
| get around to uploading yet. There may be a better patch around, it's awhile
| since I looked; I'd be interested to know if anyone finds a better way of
| detection.
libc hooks. I don't like playing
On Wed, Feb 07, 2001 at 11:39:36AM +1300, Matthew Sherborne wrote:
> Because there were quite a few insecure temp file creation reports a while
> ago, perhaps some of us should use this tool to find more ASAP.
Agreed, it would only take a few people using good tools to detect these
and these prob
On Wed, Feb 07, 2001 at 11:39:36AM +1300, Matthew Sherborne wrote:
> Because there were quite a few insecure temp file creation reports a while
> ago, perhaps some of us should use this tool to find more ASAP.
Agreed, it would only take a few people using good tools to detect these
and these pro
30 matches
Mail list logo
