Re: Hacked - is it my turn? - interesting
hi ya noah
On Mon, 2 Feb 2004, Noah Meyerhans wrote:
> On Mon, Feb 02, 2004 at 02:54:33PM -0800, Alvin Oga wrote:
> > > If you run 'iptables -A INPUT -p tcp --dport 1524 -j REJECT' you'll get
> > > this exact behavior, with nothing listening on these ports.
> >
> > and am wondering, why explicitly reject those ports and not
> > explicity reject other ports that is also not used ...
>
> Perhaps it's because some known back door or rarely used (but often
> running by default) service was one one of those ports. IIRC, some well
> known back door listened on port 31337. It's possible that the ISP is
> filtering it on their routers, and thus the scan showed it as filtered
> (assuming that the scan was done from elsewhere and its traffic passed
> through the ISP's routers).
yuo.. one does need to scan locally, than scan from ones own network
and than from outside
( locally == just 2 pcs .. the scanner and the scanee )
should be fun to see what comes out of all the original posters checking
have fun
alvin
Reply to: