Re: Port Scan for UDP
tony mancill, 2001-Oct-20 21:22 -0700:
> On Sat, 20 Oct 2001, Marc Wilson wrote:
> > On Sat, Oct 20, 2001 at 07:18:25PM -0700, Jeff Coppock wrote:
> > > Just for grins, I removed every udp listing in
> > > /etc/services and restarted inetd and the scan came back the
> > > same. I figure this is normal, but if someone can confirm this
> > > behaviour, I'd really appreciate it.
> > Adding or removing lines in /etc/services doesn't open or close ports...
> > this is a common misconception. Removing what's listening on a particular
> > port is what closes that port.
> A good way to find out what process is listening on a port is to load the
> lsof package and use "lsof -i" (as root so that you'll see everything).
Hmmm, so I was under that misconception.
I've started looking into what processes own these 'open' ports
and using lsof -i I'm not seeing processes owning these ports.
It's listing port numbers for protocols I've never heard of, let
alone would use. Like 1356:cuillamartin, 2024:CAIlic and a
bunch way up high. I know I'm not running these apps, but I
haven't checked them all yet, although there are hundreds listed.
I'm wondering if my portscan was not right:
nmap -sU -P0 <host>
Jeff Coppock Nortel Networks
Systems Engineer http://nortelnetworks.com