From owner-freebsd-security Thu May 30 17:54:48 2002 Delivered-To: freebsd-security@freebsd.org Received: from notes.dndlabs.net (rdu88-251-049.nc.rr.com [24.88.251.49]) by hub.freebsd.org (Postfix) with ESMTP id D55A437B409 for ; Thu, 30 May 2002 17:54:36 -0700 (PDT) Received: from ronin ([192.168.1.103]) by notes.dndlabs.net (Lotus Domino Build M12_02042002 Pre-release 1) with ESMTP id 2002053020523297-1532 ; Thu, 30 May 2002 20:52:32 -0400 From: John Ruff To: faSty , freebsd-security@FreeBSD.ORG Subject: Re: Nmap/Snort Date: Thu, 30 May 2002 20:51:47 -0400 X-Mailer: KMail [version 1.4] References: <000f01c207ad$8f215c20$0200a8c0@logical> <20020530013844.A33199@i-sphere.com> In-Reply-To: <20020530013844.A33199@i-sphere.com> MIME-Version: 1.0 Message-Id: <200205302051.47194.john@dndlabs.net> X-MIMETrack: Itemize by SMTP Server on TRINITY/DNDLABS(Build M12_02042002 Pre-release 1|February 04, 2002) at 05/30/2002 08:52:33 PM, Serialize by Router on TRINITY/DNDLABS(Build M12_02042002 Pre-release 1|February 04, 2002) at 05/30/2002 08:52:39 PM, Serialize complete at 05/30/2002 08:52:39 PM Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You should be able to close 113/tcp via /etc/inetd.conf. Also using 'lso= f -i=20 -P' is a good tool for determining what's listening on what ports and wha= t=20 daemon is running there. Cheers -- GnuPG Public Key: https://www.dndlabs.net/pgpkey/listing.php Key Fingerprint =3D 73D0 EDCC D5ED A6C0 1324 A85E 4957 D3C6 FA6C F3AE On Thursday 30 May 2002 04:38, faSty wrote: > 113 port is identd usually for IRC or some reason. > > 587 is for sendmail's submission > > -trev > > On Thu, May 30, 2002 at 02:42:32AM -0500, nathan skains wrote: > > yep i am scanning my self via root. the port that was up on the firs= t > > scan then i scan again seconds later and it was gone. > > not really sure. but i am also concern about these ports > > 113/tcp open auth > > 587/tcp open submission > > > > any way to close them... I am still in the learning process of freeb= sd > > so i have search google and have not found anything about these ports > > Thanks > > Nate --=20 GnuPG Public Key: https://www.dndlabs.net/pgpkey/listing.php Key Fingerprint =3D 73D0 EDCC D5ED A6C0 1324 A85E 4957 D3C6 FA6C F3AE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message