[Gllug] Port filtering question
salsaman at xs4all.nl
salsaman at xs4all.nl
Fri Oct 1 15:53:58 UTC 2010
On Fri, October 1, 2010 17:14, Tethys wrote:
> --------
>
> salsaman at xs4all.nl writes:
>
>>1) netstat -an shows the following ports listening:
>>
>>tcp 0 0 0.0.0.0:81 0.0.0.0:*
>> LISTEN
>>tcp 0 0 0.0.0.0:22 0.0.0.0:*
>> LISTEN
>>tcp 0 0 0.0.0.0:631 0.0.0.0:*
>> LISTEN
>>tcp 0 0 127.0.0.1:44125 0.0.0.0:*
>> LISTEN
>>tcp 0 0 0.0.0.0:8000 0.0.0.0:*
>> LISTEN
>>tcp 0 0 0.0.0.0:8001 0.0.0.0:*
>> LISTEN
>>tcp 0 0 127.0.0.1:49220 0.0.0.0:*
>> LISTEN
>>
>>81 is apache (I will explain why not 80 below), 22 is ssh and 631 is
>> cupsd.
>>
>>However I have no idea what is running on the other ports.
>
> netstat -ntlp (as root) will tell you
>
>>2) my external IP address is currently 186.212.103.8.
>>nmap shows:
>>PORT STATE SERVICE
>>80/tcp open http
>>1863/tcp open msnp
>>1864/tcp open paradym-31
>>4443/tcp open pharos
>>5190/tcp open aol
>>5566/tcp open unknown
>>49152/tcp open unknown
>>
>>now as far as I know I am not running anything on any of the ports shown.
>
> If that's still your IP address, you have a hell of a lot more than that
> open.
>
>>Any suggestions greatfully received....
>
> Don't trust the router. Get iptables set up on your box, and block
> everything except the traffic you want to be allowing through.
>
> Tet
> --
> Gllug mailing list - Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>
>
OK, thanks for all the info.
Can anybody see:
http://187.113.98.222/index.html ?
Salsaman.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list