Runlevel Configuration in g-s-t
John
dingo at coco2.arach.net.au
Sun Sep 19 00:41:31 UTC 2004
Jeff Waugh wrote:
>We have a "no listening ports" policy by default. If you need sshd, you have
>the option of installing it, and know that you're turning it on by doing so.
>You make a very explicit choice, which is a minor inconvenience to pay for a
>secure system by default.
>
>
"no listening ports" is not the same thing as not installed. Postfix is
installed but not listening to the outside.
Here's a portscan of sounder8:
Kookaburra:~# nmap -O 192.168.11.254
Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-09-19 00:04 GMT
Interesting ports on 192.168.11.254:
(The 1659 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
111/tcp open rpcbind
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.4.18 - 2.6.4 (x86)
Uptime 0.021 days (since Sat Sep 18 23:34:11 2004)
Nmap run completed -- 1 IP address (1 host up) scanned in 11.322 seconds
Kookaburra:~#
and another:
Kookaburra:~# nmap -O -sU 192.168.11.254
Starting nmap 3.55 ( http://www.insecure.org/nmap/ ) at 2004-09-19 00:06 GMT
Warning: OS detection will be MUCH less reliable because we did not
find at least 1 open and 1 closed TCP port
Interesting ports on 192.168.11.254:
(The 1476 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
68/udp open dhcpclient
111/udp open rpcbind
Device type: general purpose|broadband router
Running: Linux 2.4.X|2.5.X|2.6.X, Belkin embedded
Too many fingerprints match this host to give specific OS details
Nmap run completed -- 1 IP address (1 host up) scanned in 1467.742 seconds
Kookaburra:~#
More information about the ubuntu-users
mailing list