My IP address get Blacklisted

satishmali1983 · 04-08-2009, 09:16 AM

Hello
I ma mandriva 2008.0 Linux system
Before few days My IP get blacklisted
I am new in linux & don't know how to analysis this problem
plz help me to sort out this problem.
My linux server is NAT server from which we are using internet to other m/c, qmail server is there but it is for local use within subnet only.

This is my nmap output, plz help me to analysis this issue & guide what port need to close to avoid any attacks or spams.

tarting Nmap 4.20 ( http://insecure.org ) at 2009-04-08 17:56 IST
Initiating SYN Stealth Scan at 17:56
Scanning livetekindia.com (192.168.10.2) [1697 ports]
Discovered open port 22/tcp on 192.168.10.2
Discovered open port 21/tcp on 192.168.10.2
Discovered open port 53/tcp on 192.168.10.2
Discovered open port 23/tcp on 192.168.10.2
Discovered open port 25/tcp on 192.168.10.2
Discovered open port 443/tcp on 192.168.10.2
Discovered open port 80/tcp on 192.168.10.2
Discovered open port 106/tcp on 192.168.10.2
Discovered open port 3128/tcp on 192.168.10.2
Discovered open port 993/tcp on 192.168.10.2
Discovered open port 445/tcp on 192.168.10.2
Discovered open port 6000/tcp on 192.168.10.2
Discovered open port 143/tcp on 192.168.10.2
Discovered open port 8080/tcp on 192.168.10.2
Discovered open port 110/tcp on 192.168.10.2
Discovered open port 139/tcp on 192.168.10.2
Discovered open port 1241/tcp on 192.168.10.2
Completed SYN Stealth Scan at 17:56, 0.11s elapsed (1697 total ports)

PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD 1.3.2
22/tcp open ssh OpenSSH 4.7 (protocol 2.0)
23/tcp open telnet BSD-derived telnetd
25/tcp open smtp qmail smtpd
53/tcp open domain ISC Bind dnsmasq-2.39
80/tcp open http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))
106/tcp open tcpwrapped
110/tcp open pop3 qmail pop3d
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: LINUXRT)
143/tcp open imap Courier Imapd (released 2005)
443/tcp open ssl/http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: LINUXRT)
993/tcp open ssl/imap Courier Imapd (released 2005)
1241/tcp open ssl/unknown
3128/tcp open http-proxy Squid webproxy 2.6.STABLE16
6000/tcp open X11 (access denied)
8080/tcp open http Apache httpd 2.2.6 ((Mandriva Linux/PREFORK-8.2mdv2008.0))

TB0ne · 04-08-2009, 09:30 AM

Quote:

Originally Posted by satishmali1983

Hello
I ma mandriva 2008.0 Linux system
Before few days My IP get blacklisted
I am new in linux & don't know how to analysis this problem
plz help me to sort out this problem.
My linux server is NAT server from which we are using internet to other m/c, qmail server is there but it is for local use within subnet only.

This is my nmap output, plz help me to analysis this issue & guide what port need to close to avoid any attacks or spams.

Please write and spell clearly...your question is very hard to understand, especially with the 'shorthand' words.

You say your system gets blacklisted...from what, by whom? What are you running on the system? Is it blacklisted totally, and won't connect to ANYTHING, or are you just denied some sites? Or is it just blacklisted for email?

Also, you say "we are using internet to other m/c"? What does that mean?

satishmali1983 · 04-08-2009, 09:47 AM

Thanks to give attention to problem. r u there to help me on line?

farslayer · 04-08-2009, 10:02 AM

All help here is done through the forums..
You could start by clarifying the issue/question as TBOne requested..