[Gllug] netstat -pan --inet
Harry
postituk at yahoo.com
Thu Feb 7 20:15:56 UTC 2002
Hi all
In my quest to tighten this box I have been busy hunting man pages to find
the various options to close the listeners to the internet. The following is
the output from netstat -pan --inet. From what I can see they should all be
closed now but I do not understand the bottom udp options with local address
set to anything but no state. Can someone enlighten me.
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 192.168.10.1:139 0.0.0.0:*
LISTEN 2059/smbd
tcp 0 0 192.168.10.1:53 0.0.0.0:*
LISTEN 2244/pdnsd
tcp 0 0 192.168.10.1:22 0.0.0.0:*
LISTEN 2219/sshd
tcp 0 0 192.168.10.1:3128 0.0.0.0:*
LISTEN 2328/(squid)
tcp 0 0 192.168.10.1:22 192.168.10.2:1047
ESTABLISHED 1877/sshd
udp 0 0 192.168.10.1:137 0.0.0.0:*
2056/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:*
2056/nmbd
udp 0 0 192.168.10.1:138 0.0.0.0:*
2056/nmbd
udp 0 0 0.0.0.0:138 0.0.0.0:*
2056/nmbd
udp 0 0 192.168.10.1:53 0.0.0.0:*
2244/pdnsd
udp 0 0 0.0.0.0:3130 0.0.0.0:*
2328/(squid)
raw 0 0 0.0.0.0:1 0.0.0.0:* 7
2244/pdnsd
raw 0 0 0.0.0.0:6 0.0.0.0:* 7
256/scanlogd
raw 0 0 0.0.0.0:6 0.0.0.0:* 7
253/scandetd
raw 0 0 0.0.0.0:17 0.0.0.0:* 7
253/scandetd
I have built a firewall and now closed the various listeners is tcp wrappers
next or chrooting stuff. I know this is not in the correct order but I
decided I would do the most interesting first.
Harry
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.319 / Virus Database: 178 - Release Date: 1/28/02
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list