Once you get root access to the machine you can also take other steps to secure it down. Port 6000 is open. This is because X-windows can accept tcp connections find out how to stop that (I found it though google). For that matter, does X need to be running on the router? You can do other things like set ssh and bind to only listen on your internal ethernet card. Also nmap 127.0.0.1 is not as effective as you'd like to think. You need to scan from the outside. Another command you'll find handy is netstat -nlp. It will report what is listening on what ports. It will help you discover what's on ports 111 and 953.

That's probably true,scan it from outside,but I don't know anyone who can do that for me.My friends (Windows users only) think about me that I will hack them.Stupid.Better don't ask them.I was hacked few times at 98 and XP box.Not anymore,this is why I'm heading this (not easy for newbie) Linux way.Tired from poor "use-it-way-we-made-it as Microsoft".I rather "use-it-way-I-make-it"in MDK for now.

Ususally what I do is take a "live cd" like knoppix, for example, and run nmap from a friend's pc or maybe you can do it from work (don't get caught ). Also that website seemed to be pretty good about scanning to me. the www.GRC.com site.

It works now:

[grinder@localhost grinder]$ nmap -P0 192.168.bla bla - XP box

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.bla bla):
(The 1584 ports scanned but not shown below are in state: filtered)
Port State Service
21/tcp closed ftp
53/tcp closed domain
80/tcp closed http
443/tcp closed https
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3
6004/tcp closed X11:4
6005/tcp closed X11:5
6006/tcp closed X11:6
6007/tcp closed X11:7
6008/tcp closed X11:8
6009/tcp closed X11:9
6050/tcp closed arcserve
8080/tcp closed http-proxy
8888/tcp closed sun-answerbook

Nmap run completed -- 1 IP address (1 host up) scanned in 161 seconds

But it looks more likely to my MDK box.

use nmap -P0 -O 192.168.0.1 the "dash oh" will try and guess the OS. SOmetimes it can sometimes it can't.

I didn't se you are here.

Well as I said,my friends are scared that I'll hack them.And in my job we don't have a computers.Kinda construction job.

Well I guess I have to ask my frineds and try it from their box.But don't know any LIVE CD as Knoppix. I'll look for it.

Thanx for helping,I appreciate it

Hi man,

don't why 192.168.0.1 ? What is it? I tried and it is not working..operation permitted.

Tried even 192.168.bla bla with same results.

netstat -nlp

too much junk,u want me post it?

http://www.knoppix.org/
It runs off of a CD and doesn't touch the hardrive. Very cool. You may even try knoppix STD or PHLAK. They are both more securty/hacking oriented.

I used 192.168.0.1 as an example IP address. Also you need root privy to use the OS dectection switch. you can type su from the command line to get into root.

type
netstat -nlp | more
or
netstat -nlp | less

You will be more interested in the top section.

I'll look for Knoppix later.Wil have to leave work soon.But will today yet!

and as SU nmap -P0 -O blabla....operation not permitted and still working.

i found 111 port as TCP/UDP 0.0.0.0.0 and 953 as TCP only as 127.0.0.1

I wish I didn't have to wrok today so I could work here


But i will in few hours 'till late night again

Thanx for your time benjithegreat98 .)

type man nmap and see what's wrong. If you just type nmap with out anything else it will give some info too. No prob with the help. I'm at work and I'm bored so nothing much else to do besides this.

I wish I had job like you

Anyway command man nmap is so much better then any tutorial on web


Gotta go,but will be back in about 3 hours.See ya.