Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-29-2004, 12:38 PM
|
#1
|
LQ Newbie
Registered: Jun 2004
Posts: 11
Rep:
|
Port 80 listen without WebServer?
Hi,
I have a RedHat/Conectiva 8 and i runned nessus and i received the follow message:
Security Note: Port: www-http ( tcp/80)
But i don't a web server running. I runned the chkrootkit and it doesn't find nothing. The same to Clamav, that doesn't find nothing. The netstat -anp doesn't show port 80 too. But when i run the nmap from other computer, the port 80 is listening.
Anyone can help me?
Thanks
|
|
|
06-29-2004, 02:04 PM
|
#2
|
Member
Registered: Feb 2004
Posts: 467
Rep:
|
Try "lsof -i :80"
|
|
|
06-29-2004, 02:28 PM
|
#3
|
LQ Newbie
Registered: Jun 2004
Posts: 11
Original Poster
Rep:
|
I runned the command, but it doesn't show nothing.
|
|
|
06-29-2004, 10:32 PM
|
#4
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
try
#netstat -pal
Gives you a list of active ports and the services that are listening on them.
Also, run
#tcpdump dst port 80
This will list any activity on port 80 of your system.
|
|
|
06-30-2004, 09:47 AM
|
#5
|
LQ Newbie
Registered: Jun 2004
Posts: 11
Original Poster
Rep:
|
I ran this commands, but the result doesn't show port 80.
|
|
|
06-30-2004, 09:52 PM
|
#6
|
Senior Member
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791
Rep:
|
please post the entire output of nessus wrt the port 80 Security Note.
also, telnet to port 80 from another system and let us know the output.
You can try
#telnet <ip> 80
When the service responds,
get /
when telnet waits for a response.
OR, try connecting from a browser.
Last edited by ppuru; 06-30-2004 at 09:55 PM.
|
|
|
All times are GMT -5. The time now is 05:49 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|