From owner-freebsd-questions  Sun Oct  3 14: 9:51 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from dt011n66.san.rr.com (dt011n66.san.rr.com [204.210.13.102])
	by hub.freebsd.org (Postfix) with ESMTP id 7BAF7152A6
	for <FreeBSD-questions@FreeBSD.ORG>; Sun,  3 Oct 1999 14:09:35 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Received: from gorean.org (master [10.0.0.2])
	by dt011n66.san.rr.com (8.9.3/8.8.8) with ESMTP id OAA25247;
	Sun, 3 Oct 1999 14:09:33 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Message-ID: <37F7C60D.A24AA494@gorean.org>
Date: Sun, 03 Oct 1999 14:09:33 -0700
From: Doug <Doug@gorean.org>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 4.0-CURRENT-0927 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: "Stephen A. Derdau" <sderdau@ne.mediaone.net>
Cc: "Questions @ FreeBSD" <FreeBSD-questions@FreeBSD.ORG>
Subject: Re: netstat ?
References: <37F5F531.4F7841D0@ne.mediaone.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

"Stephen A. Derdau" wrote:
> 
> I've been working on setting up my system for a little more security.
> I've been looking at this link for information.
> http://www.bellnetworks.net/cs/showrec.php3?story_id=3
> 
> doing a netstat -a  I see the following
> 
> are these anything to be concerned about  in regards to security issues
> ?:
> that is I don't see refrence to anything regarding icmp

	It's used for a lot of things related to the soft underbelly of TCP/IP
networking. There's lot of books that explain this in more detail, but
it is needed and it won't hurt anything. 

>  or *.6011 *.6010.

	Those are opened up by ssh to do X forwarding. I believe that someone
else mentioned the sockstat program. If you're not already using
3.3-Stable you should upgrade asap. That would be a very valuable first
step in security, more so depending on how old your current freebsd
installation is. 

> I'm not sure what these are and I'd like to be able to understand it a
> little more.
> 
> Proto Recv-Q Send-Q  Local Address          Foreign Address
> (state)
> udp        0              0              *.bootpc                   *.*

	This is the dhcp client port. 
 
Hope this helps,

Doug
-- 
"Stop it, I'm gettin' misty." 

    - Mel Gibson as Porter, "Payback"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message