portscan looks like.....

Mike Silbersack silby at silby.com
Mon Aug 23 21:37:56 PDT 2004


On Tue, 24 Aug 2004, Bob Ababurko wrote:

> Hello-
>
>  I have just done a portscan on my FreeBSD box running 5.2.1 and got :
>
> PORT     STATE SERVICE
> 22/tcp   open  ssh
> 25/tcp   open  smtp
> 80/tcp   open  http
> 111/tcp  open  rpcbind
> 1023/tcp open  netvenuechat
>
> Now, I made a faux pas when I configured this machine and had made this an NFS
> client... I believe that was the case.  I am now interested in turning this
> off, and will be able to do that with rpcbind_enable="NO" in rc.conf.
>    Then there is the case of the port 1023.  I have no idea how to turn this
> off or how it got turned on.  Could the rpcbind have allowed someone into my
> computer to hack it up?  I am pretty scared at this point.  Can someone help
> me?
>
> thanks,
> Bob

Use sockstat to see which program is attached to which socket.  IIRC, RPC 
services are assigned semi-random ports, so 1023 might be what one of the 
NFS services was assigned that time.

Mike "Silby" Silbersack
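
One way to apply the sockstat suggestion above, as an added example that is not part of the original thread: the script maps each port from the scan to the process holding the listening socket. The sockstat lines are a constructed sample (the daemon shown on port 1023 is an assumption, not a finding from the poster's machine), and port_owners is a hypothetical helper name.

```shell
#!/bin/sh
# Map scanned TCP ports to the owning process using `sockstat -4l` output.
# FreeBSD columns: USER COMMAND PID FD PROTO LOCAL-ADDRESS FOREIGN-ADDRESS

# Constructed sample output (not from the original post). On a live box,
# replace `sample_sockstat` with: sockstat -4l
sample_sockstat() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       412   3  tcp4   *:22                  *:*
root     sendmail   430   4  tcp4   *:25                  *:*
www      httpd      501   16 tcp4   *:80                  *:*
root     rpcbind    310   9  tcp4   *:111                 *:*
root     rpcbind    310   8  udp4   *:111                 *:*
root     rpc.statd  355   4  tcp4   *:1023                *:*
EOF
}

# port_owners "22 25 ...": reads sockstat output on stdin and prints
# "port command pid user" for each requested port, or "port UNKNOWN" when
# no local TCP listener holds it (the scan result then needs another
# explanation, such as a different host or a NAT device answering).
port_owners() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, want, " ") }
        $5 ~ /^tcp/ {                      # header and UDP rows do not match
            p = $6; sub(/^.*:/, "", p)     # drop the address, keep the port
            if (!(p in owner)) owner[p] = $2 " " $3 " " $1
        }
        END {
            for (i = 1; i <= n; i++) {
                p = want[i]
                print p, ((p in owner) ? owner[p] : "UNKNOWN")
            }
        }'
}

# Ports reported open by the scan quoted in the post.
SCANNED="22 25 80 111 1023"
sample_sockstat | port_owners "$SCANNED"
```

When the owner of an unexpected port turns out to be an RPC daemon, `rpcinfo -p` lists the program-to-port registrations held by rpcbind and can confirm the assignment.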

