trojan problem
Anders Karlsson
trudheim at gmail.com
Tue Jan 24 05:32:28 UTC 2006
On 1/24/06, Brian Walker <bfwalker at gmail.com> wrote:
[snip]
> Follow up:
>
> clean install has happened. nmap showed once again an open port that I did
> not expect:
>
> (The 1660 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 25/tcp open smtp
> 631/tcp open ipp
> 32770/tcp open sometimes-rpc3
>
> Nmap finished: 1 IP address (1 host up) scanned in 0.296 seconds
Port 25 is your MTA, 631 is CUPS and the sometimes-rpc3/32770 is
explained in this post,
http://www.ubuntuforums.org/archive/index.php/t-77684.html. Nothing to
worry about I'd say.
> This is despite having configured Bastille, and shutting down services as
> far as reasonable. I wonder if there is not a residual backdoor being left
> open? Any ideas on this? (BTW scanning other addresses shows no open ports
> or unexpected services)
When you cfg your firewall, the best policy is deny by default, only
allow what you need. I can send you a copy of my fwbuilder firewall if
you want to look at that as an example.
Regards,
--
Anders Karlsson <trudheim at gmail.com>
More information about the ubuntu-users
mailing list