[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Running daemons without asking for permission on install

In article <[🔎] slime-6e5782bc16eb6b64c6430b2984cd3ce0@hackstation> you write:
>Which reminds me, it might be nice for Debian to run something akin to a
>port scanner locally from cron.daily or something, so that the sysadmin
>will notice such problems better. (Optionally, and not reporting ports
>that the sysadmin knows are OK.)

How about something like (beware - quick hack):

netstat -a | grep -vE '(kerberos|finger|ftp|pop-3)' 

That will list all connections and active ports, except for those
with kerberos, finger, ftp and pop-3 listed.

I imagine it would be easy to make that more robust, but you should get
the general idea. Perhaps you may only want to include lines with *:* so
that active connections are not counted.
Brian May <bam@snoopy.apana.org.au>

Reply to: