Date: Fri, 25 May 2001 10:22:06 -0700 (PDT) From: "tjk@tksoft.com" <tjk@tksoft.com> To: memphis_ms@gmx.net (Raoul Schroeder) Cc: freebsd-security@FreeBSD.ORG (FreeBSD Security) Subject: Re: 'nother IPFW question Message-ID: <200105251722.KAA32060@smtp3.tksoft.com> In-Reply-To: <no.id> from "Raoul Schroeder" at May 25, 2001 02:21:34 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Raoul, 1119 was probably a randomly selected port for the outgoing connection. Try connecting to a web server somewhere. You will always get a different port on your local side. Port 113 is authd. Therefore, if you have sendmail running on your machine, the query was most likely generated by sendmail as it was trying establish the identity of a sender from the remote machine. (sendmail always tries authd first. Failure to connect is not fatal.) lsof will tell you what application is using the port. lsof -i tcp:1119 Troy > > IPFW caught a TCP packet leaving my port 1119 going to another port 113 > I am a little worried about this, since there is nothing running on my > machine on 1119 that I know of. > > Is there a good way of finding out what is sending on port 1119? I am > only learning about securing my box, and it is hard to find all the info > I need. > > Thank you so much, > > Raoul > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105251722.KAA32060>