[Gllug] Port filtering question
salsaman at xs4all.nl
salsaman at xs4all.nl
Fri Oct 1 16:01:38 UTC 2010
On Fri, October 1, 2010 17:53, salsaman at xs4all.nl wrote:
> On Fri, October 1, 2010 17:14, Tethys wrote:
>> --------
>>
>> salsaman at xs4all.nl writes:
>>
>>>1) netstat -an shows the following ports listening:
>>>
>>>tcp 0 0 0.0.0.0:81 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 0.0.0.0:22 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 0.0.0.0:631 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 127.0.0.1:44125 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 0.0.0.0:8000 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 0.0.0.0:8001 0.0.0.0:*
>>> LISTEN
>>>tcp 0 0 127.0.0.1:49220 0.0.0.0:*
>>> LISTEN
>>>
>>>81 is apache (I will explain why not 80 below), 22 is ssh and 631 is
>>> cupsd.
>>>
>>>However I have no idea what is running on the other ports.
>>
>> netstat -ntlp (as root) will tell you
>>
>>>2) my external IP address is currently 186.212.103.8.
>>>nmap shows:
>>>PORT STATE SERVICE
>>>80/tcp open http
>>>1863/tcp open msnp
>>>1864/tcp open paradym-31
>>>4443/tcp open pharos
>>>5190/tcp open aol
>>>5566/tcp open unknown
>>>49152/tcp open unknown
>>>
>>>now as far as I know I am not running anything on any of the ports
>>> shown.
>>
>> If that's still your IP address, you have a hell of a lot more than that
>> open.
>>
>>>Any suggestions greatfully received....
>>
>> Don't trust the router. Get iptables set up on your box, and block
>> everything except the traffic you want to be allowing through.
>>
>> Tet
>> --
>> Gllug mailing list - Gllug at gllug.org.uk
>> http://lists.gllug.org.uk/mailman/listinfo/gllug
>>
>>
>
>
>
> OK, thanks for all the info.
>
> Can anybody see:
>
> http://187.113.98.222/index.html ?
>
>
Please also try
http://187.113.98.222:81
Salsaman.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list