Date: Wed, 17 May 2000 11:51:24 +0300 From: Yonatan Bokovza <Yonatan@xpert.com> To: 'Mark Ovens' <mark@ukug.uk.freebsd.org>, questions@freebsd.org Subject: RE: Is port scanning a problem? Message-ID: <00BF97DD9F3FD311AB860060084E50DD311B36@exchange.xpert.com>
next in thread | raw e-mail | index | archive | help
----Original Message----- From: Mark Ovens [mailto:mark@ukug.uk.freebsd.org] >Sent: Tuesday, May 16, 2000 9:39 PM >To: questions@freebsd.org >Subject: Is port scanning a problem? >My ISP's support newsgroup has lots of threads about "port scanning". >Most of the people there are Windozers and since I've never heard any >mention of it here I assume that it is a Windows vulnerability and not >an issue if I connect only from FreeBSD. Is this correct? No. >I checked out Steve Gibson's site (http://wrc.com) which has a test >program to check the vulnerability of your machine. The only thing >that showed up in my logs when I ran this was in /var/log/messages: >May 16 20:23:18 parish inetd[96]: /usr/libexec/fingerd[1438]: exit status 0x100 >Any need to worry? Might be, you see- port scanning is the action of checking what ports are open on a specified (or range of) IP. Services that your computer runs (fingerd in your case, others are httpd, ftpd, smtp etc.) listen to port, waiting for an outsider to connect them. They listen to specific ports, smtp listens to port 25, httpd to port 80. A list of well known ports can be found at RFC 1700 if i remember correctly. So, port scaning is the action of detemining what services does a computer offer to the world- the next step being 'exploit that service to gain access". The thing is you can passively listen to someone scanning you and that where Intrusion Detection Systems. >-- > ...and on the eighth day God created UNIX P.S. if you don't have a good reason- turn off the fingerd, i gives too much information about you. Regards, Yonatan@xpert.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00BF97DD9F3FD311AB860060084E50DD311B36>