Re: Hacked - is it my turn? - interesting

To: Noah Meyerhans <noahm@debian.org>
Cc: debian-security@lists.debian.org
Subject: Re: Hacked - is it my turn? - interesting
From: Alvin Oga <aoga@ns.Linux-Consulting.com>
Date: Mon, 2 Feb 2004 15:42:21 -0800 (PST)
Message-id: <[🔎] Pine.LNX.3.96.1040202154040.17602A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 20040202225829.GY2096@morgul.net>

hi ya noah

On Mon, 2 Feb 2004, Noah Meyerhans wrote:

> On Mon, Feb 02, 2004 at 02:54:33PM -0800, Alvin Oga wrote:
> > > If you run 'iptables -A INPUT -p tcp --dport 1524 -j REJECT' you'll get
> > > this exact behavior, with nothing listening on these ports.
> > 
> > and am wondering, why explicitly reject those ports and not
> > explicity reject other ports that is also not used ...
> 
> Perhaps it's because some known back door or rarely used (but often
> running by default) service was one one of those ports.  IIRC, some well
> known back door listened on port 31337.  It's possible that the ISP is
> filtering it on their routers, and thus the scan showed it as filtered
> (assuming that the scan was done from elsewhere and its traffic passed
> through the ISP's routers).

yuo.. one does need to scan locally, than scan from ones own network
and than from outside
	( locally == just 2 pcs .. the scanner and the scanee )

should be fun to see what comes out of all the original posters checking

have fun
alvin

Reply to:

References:
- Re: Hacked - is it my turn? - interesting
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: Re: Hacked - is it my turn?
Next by Date: Re: Hacked - is it my turn? - interesting
Previous by thread: Re: Hacked - is it my turn? - interesting
Next by thread: Re: Hacked - is it my turn? - interesting
Index(es):
- Date
- Thread