Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 4 Feb 2006 23:32:57 -0800 (PST)
From:      Bill Schoolcraft <bill@wiliweld.com>
To:        Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: 6.0, allow remote logging?
Message-ID:  <Pine.LNX.4.61.0602042329000.16821@liam.billschoolcraft.com>
In-Reply-To: <43E48BB8.7000906@infracaninophile.co.uk>
References:  <Pine.LNX.4.61.0602032143280.7777@liam.billschoolcraft.com> <43E48BB8.7000906@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help 
At Sat, 4 Feb 2006 it looks like Matthew Seaman composed:

> Bill Schoolcraft wrote:
> > But when I go to check an see if the external port 514/udp is open I
> > get nothing showing:
> > 
> > #############################################################
> > 
> > [root@logserv ~]-> nmap localhost
> > 
> > (The 1660 ports scanned but not shown below are in state: closed)
> > PORT   STATE SERVICE
> > 22/tcp open  ssh
> > 25/tcp open  smtp
> > 80/tcp open  http
> > 
> > #############################################################
> 
> Umm... by default nmap only scans /TCP/ ports.  syslog is a /UDP/ service.
> 
> Try sockstat(1) to see what network ports processes are listening on, and
> use nmap like so to scan for UDP listeners:
> 
>     # nmap -sU -p U:1-8080 hostname
> 
> Note that UDP scans intrinsically tend to take a lot longer than TCP scans --
> the nmap(1) man page explains why -- so don't try scanning too many ports at
> once, or you'll be waiting years for a result.
> 

Thanks Matthew for the above example.  I tried it and nothing came
up as open.  And my 'ps -auxw' output shows syslogd running with the
"-s <ipaddr>" too.  I wonder how to trigger that port to receive
packets.  Apparently syslogd believes all is well. :(

TIA

-- 
Bill Schoolcraft       |  Life's journey is not to arrive at the
PO Box 210076          |  grave safely in a well preserved body,
San Francisco,CA 94121 |  but rather to skid in sideways, totally
http://wiliweld.com    |  spent, yelling "holy shit, what a ride!"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.61.0602042329000.16821>