Date: Mon, 5 Mar 2001 22:08:19 -0300 (BRT) From: "Giovanni P. Tirloni" <tirloni@techie.com> To: <freebsd-security@freebsd.org> Cc: <dce@squish.org> Subject: Re: 31337 Message-ID: <Pine.BSF.4.33.0103052148300.15314-100000@mink.ath.cx>
next in thread | raw e-mail | index | archive | help
Hi folks, Just to add some extra info I'd like to say that I've seen nmap reporting such open ports a lot of times while doing port scans on my machines and friend's machines too. Mainly I was certifying myself of which ports I had left open after a _fresh_ install so, IMO, this is something related to nmap itself reporting such ports wrongly and not with any kind of h4x0r 4ct1v1ty. Perhaps, in some way, FreeBSD sends some kind of packet with options that make nmap report it that way. I really don't know. I'm just guessing and as those machines were not connected to the Internet I'm sure that they were not compromised. Another strange thing is that nmap reposts those ports as open only when port scanning throught the LAN/Internet and doesn't report them if I nmap the host from itself (loopback). Looks too abstract for me too. If <dce@squish.org> could send us more info about the actual situation of his machine (if it was a fresh install, if it has many users, etc) that would clarify the story. Just my two cents. -- Giovanni Picoli Tirloni tirloni@techie.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0103052148300.15314-100000>