From owner-freebsd-security  Mon Jan 27 21:43:24 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 39BCB37B401
	for <freebsd-security@FreeBSD.ORG>; Mon, 27 Jan 2003 21:43:21 -0800 (PST)
Received: from smtp.javamoh.net (226049.D17-226.ncu.edu.tw [140.115.226.49])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1456B43F43
	for <freebsd-security@FreeBSD.ORG>; Mon, 27 Jan 2003 21:43:11 -0800 (PST)
	(envelope-from spam@javamoh.net)
Received: from pa (61-216-134-163.HINET-IP.hinet.net [61.216.134.163])
	by smtp.javamoh.net (Postfix) with ESMTP
	id 103E523347; Tue, 28 Jan 2003 13:42:45 +0800 (CST)
Message-ID: <004501c2c690$127912b0$0701a8c0@pa>
From: "Lord Ouch" <spam@javamoh.net>
To: "Kenzo" <kenzo_chin@hotmail.com>, <freebsd-security@FreeBSD.ORG>
References: <DAV6781XnKBWLNtmSRQ00017e50@hotmail.com>
Subject: Re: portscan question
Date: Tue, 28 Jan 2003 13:42:07 +0800
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

sure, that's ok.
portsentry open those ports in order to monitor unexpected incoming
connections,
and when such a connection occurs, it blocks the source (from which
intruders may come).
you can change them in the configuration file.
it is usually recommended to use snort rather than portsentry under
freebsd.........
since i am never a snort user, i have no idea about it.
- --
With regards
Lord Ouch

- ----- Original Message -----
From: "Kenzo" <kenzo_chin@hotmail.com>
To: <freebsd-security@FreeBSD.ORG>
Sent: Tuesday, January 28, 2003 2:34 AM
Subject: portscan question


> This is what I got when I ran nmap against my server from inside my
network.
> everything looks good from the outsite.
> I'm curious to why when I have portsentry turned on, I see all these
ports.
> and when I don't I only see the ones I'm runnin.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPjYYLXbw5IZCFbKyEQKN6ACg1YvpwPDDObZmLMnt8XkuufynLr0An1mW
aCr8QZ/p9jk3wpPjDumRFE3t
=CamQ
-----END PGP SIGNATURE-----


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message