about nmap - Peter Rosa - org.freebsd.freebsd-security

3 messages in org.freebsd.freebsd-securityabout nmap

From	Sent On	Attachments
Zoran Kolic	Aug 7, 2004 10:36 pm
Zoran Kolic	Aug 8, 2004 11:21 pm
Peter Rosa	Aug 9, 2004 12:00 am

Subject:	about nmap
From:	Peter Rosa (pro...@pro.sk)
Date:	Aug 9, 2004 12:00:14 am
List:	org.freebsd.freebsd-security

When I find something open and check it again, it is closed. And... cannot close "syslogd" for report issues.

At least, can not you run syslogd with syslogd_flags="-ss" in /etc/rc.conf ? It disables listening on 514 at all, but still works locally. Do not use it, if your machine is used as syslogd "file server" for other machines !

And what about some milter ? It could open some local connections on high ports. Do not you have some kind of antispam system on your machine ? Or DansGuardian or something like ?

Have you tried to run "sockstat >> /some/file" every minute from cron and try to find which process opens the port ?

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets