Hi Capt_Caveman!
Quote:
137/138 are Samba ports used for filesharing with windows boxes. 2049 is NFS (another file sharing protocol). None of those are standard. I'm not sure if you just have a bunch of servers running that you aren't aware of or if the windows port scanner just sucks. Could you do: netstat -pantu on the Linux box and post the output. Also do lsof -i as well (if lsof is installed that is) and make sure it agrees with the netstat output.
|
O.K., I did have Samba installed and I had it set up so it would have to be manually started every time. Right now I can't remember if I had started it before doing the portscan or not. I thought I didn't but the portscan says otherwise.
As to the NFS protocol (2049), I *know* I didn't start that manually. Probably it was installed because I just installed the entire network package collection of Slackware. What suprises me is that it's running when I don't even know what it is, let alone how to start it.
Could it be this auto-starts by default when installed with Slackware 9.1? If so, that wouldn't be very secure.
As to the windows-port-scanner sucking, that's possible to.
When scanning the same linux box on another day, it seemed like all the open ports where like one or two numbers higher...
Giving totally different corresponding services of course... Weird huh?
Sorry, I can't do netstat -pantu or lsof -i anymore.
The hard disk is formated and busily in use with another OS now...
:-/
Hi archtoad5,
Thanks for the compliment on this thread... :-)
Capt_Caveman and others certainly made this thread valuable! :-)
But I DO like Slackware. They have one of the most wonderfull and complete documentations, especially for "newbies".
(They explain a lot of standard UNIX stuff... *GREAT* :-)))
I also like Debian, as long as it doesn't already generate errors during a default install... ;-) (But maybe I've just got a corrupt download too...?)
Anyway, I'm digging in way deeper into security now, bought a few books (just need to read em too now... ;-), some extra hardware and I won't set up another web server without intrusion detection and security stuff INSIDE my LAN, even behind my firewall.
Security isn't really fun. Not as fun as serving web files / gaming / downloading or programming.
But once you've been hacked / or rather "cracked" that really changes your motivation on digging in on security stuff.
Greetings to all,
Markie