Hello Debian ISPers,
I have a question regarding something I noticed on a debian
machine I use. I have a debian machine set up for internal ticketing
(request tracker) and I was browsing through my httpd logs and noticed
that some random users of the internet have been hitting the non existant
sites of users that I have on the machine (i.e- ~debian-isp). I was
wondering how they are finding out which users that I have on the machine
and was wondering if I could be running services that pose a security
problem. I only have the following open:
Port State Protocol Service
21 open tcp ftp
22 open tcp ssh
25 open tcp smtp
80 open tcp http
113 open tcp auth
443 open tcp https
515 open tcp printer
3306 open tcp mysql
6000 open tcp X11
I had a question as to the function of 'auth'.
I am not quite sure what this does. If someone could give me a heads up.
Any advice appriciated.
'space ghost with debian flavor'