does this look fishy or normal?
When I do nmap localhost I get this:
Not shown: 1678 closed ports PORT STATE SERVICE 631/tcp open ipp Doesnt 631 have something to do with the printer? |
Looks fine to me.
If you aren't using a printer at all then you can go ahead and disable the CUPS service. CUPS uses port 631 and you can chmod -x /etc/rc.d/rc.cups if you'll never use a printer. |
Probably a good idea to run 'netstat -pantu' in order to verify that it is the printing service (backdoors are often configured to run on ports of other services). Also I would recommend performing your nmap scans from a remote computer as the results may be different than if you scan localhost.
|
Thanks, I will give those recommendations a try.
|
Just some info on how to track this down yourself for future reference:
Code:
[hector@troy ~]$ grep '\<631/' /etc/services |
So if I ever use nmap it should be from another computer, but what if both computers are connected to a router?(the same router)
|
Quote:
|
All times are GMT -5. The time now is 07:28 AM. |