Date: Tue, 19 Mar 2002 17:10:40 +0200 From: "Dave Raven" <dave@raven.za.net> To: "Julian Stacey" <jhs@bim.bsn.com>, <freebsd-security@freebsd.org> Subject: Re: ports 1021 1022 1023 & 587 ? Message-ID: <001b01c1cf58$458facc0$3800a8c0@DAVE> References: <200203191511.g2JFBbG55810@jhs.muc.de>
next in thread | previous in thread | raw e-mail | index | archive | help
sockstat
----- Original Message -----
From: "Julian Stacey" <jhs@bim.bsn.com>
To: <freebsd-security@freebsd.org>
Sent: Tuesday, March 19, 2002 5:11 PM
Subject: ports 1021 1022 1023 & 587 ?
> On a 4.5-RELEASE firewall ports 1021 1022 1023 are shown open by
> /usr/ports/security/portscanner, but not listed in /etc/services.
>
> Are they daemons doing auto decrement allocation from 1024 ?
> ( I'm using ipfw firewall, not using diverts (yet), not using X server,
> am using various other daemons inc. nfs amd lpd timed whod etc)
>
> Should I block some 1023 port range with ipfw on non {localhost & local
> ethernet} interfaces ? What range ?
>
> submission=587 is also open.
>
> Could someone please remind me the name of a command to back trace
> the port to whatever's opened it ? Would it be a good idea to add
> a commented hint at entry 1023 of /etc/services ?
>
> Julian Stacey Munich Unix (FreeBSD, Linux etc) Independent Consultant
> jhs@bim.bsn.com Free software: http://bim.bsn.com/~jhs/free/
> Ihr Rauchen = mein allergischer Kopfschmerz ! Schnupftabak probieren !
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001b01c1cf58$458facc0$3800a8c0>