LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-13-2001, 07:26 PM   #1
dilberim82
Member
 
Registered: Apr 2001
Location: NY
Distribution: used to be Redhat, now Debian Sarge
Posts: 291

Rep: Reputation: 30


Ok,
I installed Redhat 7.1 as a server on my comp and i am running a cable modem to give my friends permission to download mp3s from my comp. I also have apache 2.0 installed on it. Anyways, i scanned the ports on my comp and it found Host IP: XX.XX.XXX.XX No host name, Port N/A, Protocol ICMP, and No description is available. does anybody know what this mean? Also when i scanned with the UDP Scanner it found something on port 1, and the description is TCP-MUX-TCP Port Service Multiplexer. and then when i sacnned it it said Port 2 compressnet - management utility. Everytime i stop scanning and then start again, the port number increases by 1 and it gives different descriptions. Now it says Port 44-MPM-Flags-MPM FLAGS Protocol. is there anyway to stop people from pinging my ip? Thanks everyone.
 
Old 06-14-2001, 06:39 AM   #2
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
What scanning software you using ?
What firewall software you running ?

Forget scanning your own box, look at what the system says it's got running, scans can miss stuff due to TCP/UDP timings.
type :
# netstat -nap

On your other question:
Whatever your using to scan the ports is not sending a known protocol like TCP is Protocol 6, ICMP is 1 etc etc etc but your scanner is sending a private protocol not in the 0-255 range.

So what happens is the Service Multiplexer replies with protocols 1-255 on port 1 and tries to connect it to the correct protocol, which it can't work out so it tries the next protocol. just a guess

Yes you can stop people pinging you by rejecting ICMP type 8 messages "and type 10, 15, 13 & 17"

/Raz



 
Old 06-20-2001, 09:23 AM   #3
rebby
LQ Newbie
 
Registered: Apr 2001
Location: Hugo, MN
Distribution: Slackware, RedHat
Posts: 24

Rep: Reputation: 15
don't stop w/just a portscan... netstat and fuser are also your friends
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot Open Mail Server Ports 25, 110, and 220. Other Ports will open. Binxter Linux - Newbie 9 11-29-2007 03:03 AM
need help with ports alagenchev Linux - Security 5 10-22-2005 08:29 PM
all ports down chiggly Linux - Newbie 10 10-16-2005 07:09 PM
? about ports bwoodwar Linux - Networking 3 09-19-2005 05:33 PM
ports Pedroski Linux - Newbie 5 11-20-2004 04:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration