Re: portscan looks like.....
From: Mike Silbersack (silby_at_silby.com)
Date: 08/24/04
- Previous message: Bob Ababurko: "portscan looks like....."
- In reply to: Bob Ababurko: "portscan looks like....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 23 Aug 2004 23:37:53 -0500 (CDT) To: Bob Ababurko <ababurko@adelphia.net>
On Tue, 24 Aug 2004, Bob Ababurko wrote:
> Hello-
>
> I have just done a portscan on my FreeBSD box running 5.2.1 and got :
>
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 111/tcp open rpcbind
> 1023/tcp open netvenuechat
>
> now, i made a faux pas when i configured this machine and had made this a nfs
> client...i belive that was the case. I am now interested in turning this
> off, and will be able to do that with rpcbind_enable="NO" in rc.conf.
> Then there is the case of the port 1023. I have no idea how to turn this
> off or how it got turned on. Could the rpcbind allowed someone into my
> computer to hack it up? I am pretty scared at this point. Can somone help
> me?
>
> thanks,
> Bob
Use sockstat to see which program is attached to which socket. IIRC, RPC
services are assigned semi-random ports, so 1023 might be what one of the
NFS services was assigned that time.
Mike "Silby" Silbersack
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Bob Ababurko: "portscan looks like....."
- In reply to: Bob Ababurko: "portscan looks like....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
