LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-29-2004, 11:51 AM   #16
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45

Once you get root access to the machine you can also take other steps to secure it down. Port 6000 is open. This is because X-windows can accept tcp connections find out how to stop that (I found it though google). For that matter, does X need to be running on the router? You can do other things like set ssh and bind to only listen on your internal ethernet card. Also nmap 127.0.0.1 is not as effective as you'd like to think. You need to scan from the outside. Another command you'll find handy is netstat -nlp. It will report what is listening on what ports. It will help you discover what's on ports 111 and 953.
 
Old 01-29-2004, 11:52 AM   #17
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
forgot reply

Quote:
Originally posted by zelgadis
Do you want to verify if the box is secure against attacks from outside of the lan, or secure against local attacks?

I wanna secure it from both,outside and inside connections.

I'm not a security expert but i have read in some security site (dont remember where) that if you want to verify if your box is secure against attacks from internet you must scan the box from outside your lan. Scanning from inside will give you incorrect results.

hope this help a little

That's probably true,scan it from outside,but I don't know anyone who can do that for me.My friends (Windows users only) think about me that I will hack them.Stupid.Better don't ask them.I was hacked few times at 98 and XP box.Not anymore,this is why I'm heading this (not easy for newbie) Linux way.Tired from poor "use-it-way-we-made-it as Microsoft".I rather "use-it-way-I-make-it"in MDK for now.
 
Old 01-29-2004, 12:02 PM   #18
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
Ususally what I do is take a "live cd" like knoppix, for example, and run nmap from a friend's pc or maybe you can do it from work (don't get caught ). Also that website seemed to be pretty good about scanning to me. the www.GRC.com site.
 
Old 01-29-2004, 12:02 PM   #19
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
nmap -P0 (zero)

It works now:

[grinder@localhost grinder]$ nmap -P0 192.168.bla bla - XP box

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.bla bla):
(The 1584 ports scanned but not shown below are in state: filtered)
Port State Service
21/tcp closed ftp
53/tcp closed domain
80/tcp closed http
443/tcp closed https
6000/tcp closed X11
6001/tcp closed X11:1
6002/tcp closed X11:2
6003/tcp closed X11:3
6004/tcp closed X11:4
6005/tcp closed X11:5
6006/tcp closed X11:6
6007/tcp closed X11:7
6008/tcp closed X11:8
6009/tcp closed X11:9
6050/tcp closed arcserve
8080/tcp closed http-proxy
8888/tcp closed sun-answerbook

Nmap run completed -- 1 IP address (1 host up) scanned in 161 seconds

But it looks more likely to my MDK box.
 
Old 01-29-2004, 12:06 PM   #20
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
use nmap -P0 -O 192.168.0.1 the "dash oh" will try and guess the OS. SOmetimes it can sometimes it can't.
 
Old 01-29-2004, 12:09 PM   #21
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
thanx

Quote:
Originally posted by benjithegreat98
Ususally what I do is take a "live cd" like knoppix, for example, and run nmap from a friend's pc or maybe you can do it from work (don't get caught ). Also that website seemed to be pretty good about scanning to me. the www.GRC.com site.

I didn't se you are here.

Well as I said,my friends are scared that I'll hack them.And in my job we don't have a computers.Kinda construction job.

Well I guess I have to ask my frineds and try it from their box.But don't know any LIVE CD as Knoppix. I'll look for it.

Thanx for helping,I appreciate it
 
Old 01-29-2004, 12:14 PM   #22
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
nope

Quote:
Originally posted by benjithegreat98
use nmap -P0 -O 192.168.0.1 the "dash oh" will try and guess the OS. SOmetimes it can sometimes it can't.
Hi man,

don't why 192.168.0.1 ? What is it? I tried and it is not working..operation permitted.

Tried even 192.168.bla bla with same results.
 
Old 01-29-2004, 12:18 PM   #23
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
netstat -nlp

too much junk,u want me post it?
 
Old 01-29-2004, 12:20 PM   #24
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
http://www.knoppix.org/
It runs off of a CD and doesn't touch the hardrive. Very cool. You may even try knoppix STD or PHLAK. They are both more securty/hacking oriented.

I used 192.168.0.1 as an example IP address. Also you need root privy to use the OS dectection switch. you can type su from the command line to get into root.
 
Old 01-29-2004, 12:21 PM   #25
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
type
netstat -nlp | more
or
netstat -nlp | less

You will be more interested in the top section.
 
Old 01-29-2004, 12:27 PM   #26
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
Quote:
Originally posted by benjithegreat98
http://www.knoppix.org/
It runs off of a CD and doesn't touch the hardrive. Very cool. You may even try knoppix STD or PHLAK. They are both more securty/hacking oriented.

I used 192.168.0.1 as an example IP address. Also you need root privy to use the OS dectection switch. you can type su from the command line to get into root.

I'll look for Knoppix later.Wil have to leave work soon.But will today yet!

and as SU nmap -P0 -O blabla....operation not permitted and still working.
 
Old 01-29-2004, 12:30 PM   #27
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
yea..thanx

Quote:
Originally posted by benjithegreat98
type
netstat -nlp | more
or
netstat -nlp | less

You will be more interested in the top section.

i found 111 port as TCP/UDP 0.0.0.0.0 and 953 as TCP only as 127.0.0.1

I wish I didn't have to wrok today so I could work here


But i will in few hours 'till late night again
 
Old 01-29-2004, 12:36 PM   #28
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
Thanx for your time benjithegreat98 .)
 
Old 01-29-2004, 12:41 PM   #29
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
type man nmap and see what's wrong. If you just type nmap with out anything else it will give some info too. No prob with the help. I'm at work and I'm bored so nothing much else to do besides this.
 
Old 01-29-2004, 12:58 PM   #30
WannaLearnLinux
Member
 
Registered: May 2003
Location: California
Distribution: Slax
Posts: 262

Original Poster
Rep: Reputation: 31
haha

I wish I had job like you

Anyway command man nmap is so much better then any tutorial on web


Gotta go,but will be back in about 3 hours.See ya.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Scan behind Router With nMap? arpanet1969 Linux - Security 1 01-28-2005 06:38 AM
Nmap with Idle scan Ephracis Linux - Security 0 12-10-2004 06:08 AM
nmap scan results juanb Linux - Security 5 11-16-2004 03:31 AM
How can I scan *every* port with nmap? davee Linux - Security 6 12-11-2003 05:44 PM
nmap scan loganwva Linux - Security 5 02-25-2003 08:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration