freebsd-security Digest, Vol 71, Issue 2
c0ldbyte
c0ldbyte at myrealbox.com
Sun Aug 8 15:49:55 PDT 2004
> From: Zoran Kolic <kolicz at eunet.yu>
> Subject: about nmap
> To: freebsd-security at freebsd.org
> Message-ID: <20040808053526.GA652 at kolic.net>
> Content-Type: text/plain; charset=us-ascii
>
> Dear all!
> Last evening I've noticed that
> my 5.2 box had strange result
> about nmap search. One port is
> randomly open when I look from
> user account. From root everything
> looks as expected. The comp is
> most time out of internet. The
> last thing was adding "expect"
> package. I am not paniced, could
> be hiting... Or something in
> "expect" package... It is random
> port from 53000 to 57000.
> Has someone any idea?
> Best regards.
>
> ZK
>
Yes this is going to be one of the ports that nmap uses to relay or
recieve information back to the client itself. Everything that has
anything to do with analyzing the network is going to open a port
to recieve back on and most commonly if its because your noticing
that port well scanning from a user account its just because of the
nmap software picking that port up and not ignoring it like it should
be.
This e-mail may be privileged and/or confidential, and the sender
does not waive any related rights and obligations. Any distribution, use
or copying of this e-mail or the information it contains by other than an
intended recipient is unauthorized. If you received this e-mail in error,
please advise me (by return e-mail or otherwise) immediately.
More information about the freebsd-security
mailing list