[Gllug] netstat -pan --inet

Harry postituk at yahoo.com
Thu Feb 7 20:15:56 UTC 2002


Hi all

In my quest to tighten this box I have been busy hunting man pages to find
the various options to close the listeners to the internet. The following is
the output from netstat -pan --inet. From what I can see they should all be
closed now but I do not understand the bottom udp options with local address
set to anything but no state. Can someone enlighten me.

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
PID/Program name
tcp        0      0 192.168.10.1:139        0.0.0.0:*
LISTEN      2059/smbd
tcp        0      0 192.168.10.1:53         0.0.0.0:*
LISTEN      2244/pdnsd
tcp        0      0 192.168.10.1:22         0.0.0.0:*
LISTEN      2219/sshd
tcp        0      0 192.168.10.1:3128       0.0.0.0:*
LISTEN      2328/(squid)
tcp        0      0 192.168.10.1:22         192.168.10.2:1047
ESTABLISHED 1877/sshd
udp        0      0 192.168.10.1:137        0.0.0.0:*
2056/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*
2056/nmbd
udp        0      0 192.168.10.1:138        0.0.0.0:*
2056/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*
2056/nmbd
udp        0      0 192.168.10.1:53         0.0.0.0:*
2244/pdnsd
udp        0      0 0.0.0.0:3130            0.0.0.0:*
2328/(squid)
raw        0      0 0.0.0.0:1               0.0.0.0:*               7
2244/pdnsd
raw        0      0 0.0.0.0:6               0.0.0.0:*               7
256/scanlogd
raw        0      0 0.0.0.0:6               0.0.0.0:*               7
253/scandetd
raw        0      0 0.0.0.0:17              0.0.0.0:*               7
253/scandetd


I have built a firewall and now closed the various listeners is tcp wrappers
next or chrooting stuff. I know this is not in the correct order but I
decided I would do the most interesting first.

Harry



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.319 / Virus Database: 178 - Release Date: 1/28/02


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list