Date: Mon, 9 Aug 2004 09:00:04 +0200 From: "Peter Rosa" <prosa@pro.sk> To: "FreeBSD Security" <freebsd-security@freebsd.org> Cc: Zoran Kolic <kolicz@eunet.yu> Subject: Re: about nmap Message-ID: <001e01c47dde$7f562420$3501a8c0@pro.sk> References: <20040808053526.GA652@kolic.net><a992d1e5040808111970de2d93@mail.gmail.com> <20040809061818.GA634@kolic.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> When I find something open and check > it again, it is closed. And... cannot > close "syslogd" for report issues. At least, can not you run syslogd with syslogd_flags="-ss" in /etc/rc.conf ? It disables listening on 514 at all, but still works locally. Do not use it, if your machine is used as syslogd "file server" for other machines ! And what about some milter ? It could open some local connections on high ports. Do not you have some kind of antispam system on your machine ? Or DansGuardian or something like ? Have you tried to run "sockstat >> /some/file" every minute from cron and try to find which process opens the port ? Peter Rosa
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001e01c47dde$7f562420$3501a8c0>