From owner-freebsd-security Fri Apr 25 00:55:45 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id AAA00680 for security-outgoing; Fri, 25 Apr 1997 00:55:45 -0700 (PDT) Received: from hydrogen.nike.efn.org (resnet.uoregon.edu [128.223.170.28]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id AAA00674 for ; Fri, 25 Apr 1997 00:55:41 -0700 (PDT) Received: (from jmg@localhost) by hydrogen.nike.efn.org (8.8.4/8.8.4) id AAA17278; Fri, 25 Apr 1997 00:55:33 -0700 (PDT) Message-ID: <19970425005533.56693@hydrogen.nike.efn.org> Date: Fri, 25 Apr 1997 00:55:33 -0700 From: John-Mark Gurney To: joed@ksu.edu Cc: security@freebsd.org Subject: Re: What's on Port 1024? References: <199704250416.XAA00719@fox> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.69 In-Reply-To: <199704250416.XAA00719@fox>; from joed@ksu.edu on Thu, Apr 24, 1997 at 11:16:01PM -0500 Reply-To: John-Mark Gurney Organization: Cu Networking X-Operating-System: FreeBSD 2.2-960801-SNAP i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk joed@ksu.edu scribbled this message on Apr 24: > Greetings, > > I'm currently in the proccess of trying to lock down a FreeBSD workstation > as a firewall, and noticed that my FreeBSD machine is listening to port > 1024. I'm fairly stumped as to what this might be.. According to the > port number database (http://www.sockets.com/services.htm) 1024 is > reserved. > > Any thought as to what's listening to this port? try: lsof | grep 1024 on my machine it returns a line like: xdm 214 root 5u inet 0xf17bbc00 0t0 TCP *:1024 so it looks like the process is xdm.... ttyl.. -- John-Mark Cu Networking Modem/FAX: +1 541 683 6954 Live in Peace, destroy Micro$oft, support free software, run FreeBSD