Date: Tue, 24 Aug 2004 08:37:30 +0200 From: Volker Kindermann <ml@ps102.de> To: Bob Ababurko <ababurko@adelphia.net> Cc: questions@freebsd.org Subject: Re: portscan looks like.... Message-ID: <20040824083730.0cbf11b6@ariel.office.volker.de> In-Reply-To: <5.2.1.1.0.20040824000315.01a74178@mail.dc2.adelphia.net> References: <5.2.1.1.0.20040824000315.01a74178@mail.dc2.adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Bob, > PORT STATE SERVICE > 22/tcp open ssh > 25/tcp open smtp > 80/tcp open http > 111/tcp open rpcbind > 1023/tcp open netvenuechat > > now, i made a faux pas when i configured this machine and had made > this a nfs client...i belive that was the case. I am now interested > in turning this off, and will be able to do that with > rpcbind_enable="NO" in rc.conf. perfectly. > Then there is the case of the port 1023. I have no idea how to > turn > this off or how it got turned on. Could the rpcbind allowed someone > into my computer to hack it up? I am pretty scared at this point. First try to disable rpcbind and look afterwards, if port 1023 is still open. If it ist, install lsof from ports. This tool will tell you which application is listening on this port. -volker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040824083730.0cbf11b6>