
Re: nmap little sense if run on yourself?



On Wed, Jul 03, 2002 at 10:21:06 -0400, Matthew Daubenspeck wrote:
> > Is it true that nmap makes little sense if you run it to check the
> > machine it is running on?
> 
> Why does it make little sense? It will list all listening ports on
> that machine...

in this case you should use lsof -i to get a more decent list of open
tcp/ip sockets. UDP probing is kinda spongy, even on localhost. don't
forget to look out for installed IGMP support if you want to check
security.

nmap is usable to check packet filter settings, even on localhost, so you
get what an attacker would get. to get a real list of all assigned
sockets, use tools like lsof, fuser and netstat which query the
environment of all or selected processes on the server via /proc. 

a tcp/udp port which *no* daemon listens to is even much more secure
than the best firewalled port. above tools help you to figure out,
what's actually running. use the advantage that you have shell access to
the machine to view what's running.

HTH
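
Added example, not part of the original message: a small Python parser for the Linux /proc/net/tcp table, the kind of kernel socket data the message says to check from a shell instead of scanning. It lists every listening TCP socket and separates those bound only to loopback from those a remote scan could see; the SAMPLE rows are constructed, and the function names are this example's own.

```python
import socket
import struct

TCP_LISTEN = 0x0A  # "st" value of a listening TCP socket in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201 1
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1310 1
   2: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   105        0 1422 1
   3: 0A00000A:0016 1400000A:C350 01 00000000:00000000 02:000A1B2C 00000000     0        0 1588 3
"""

def decode_endpoint(field):
    """'0100007F:0019' -> ('127.0.0.1', 25). The address is a 32-bit hex
    value in host byte order (little-endian assumed, as on x86); the port
    is plain hex."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def listening_sockets(table_text):
    """Return (address, port, uid, inode) for every row in LISTEN state."""
    rows = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10 or int(cols[3], 16) != TCP_LISTEN:
            continue  # short line, or established/closing connection
        addr, port = decode_endpoint(cols[1])
        rows.append((addr, port, int(cols[7]), int(cols[9])))
    return rows

def reachable_from_network(rows):
    """Listeners not bound to loopback: what a remote scan could reach
    when no packet filter is in the way."""
    return [r for r in rows if not r[0].startswith("127.")]

if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # Linux only; IPv4 TCP table
            text = fh.read()
    except OSError:
        text = SAMPLE  # fall back to the constructed sample
    found = listening_sockets(text)
    for addr, port, uid, inode in found:
        scope = "network" if (addr, port, uid, inode) in reachable_from_network(found) else "loopback only"
        print(f"{addr}:{port} uid={uid} inode={inode} [{scope}]")
```

The inode column is what lsof and fuser match against the socket links under /proc/<pid>/fd to name the owning process.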

