Hallo Liste! Habe heute meine Rechner mal nach offenen Ports gescanned und bin auf folgendes gestossen (Single-User Modus, Phänomen auch auf anderen Interfaces als lo): Script started on Sun Nov 25 22:53:21 2007 nike:~# nmap localhost -p 1- -sS -sU Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-25 22:53 CET Interesting ports on localhost (127.0.0.1): Not shown: 131069 closed ports PORT STATE SERVICE 33731/udp open unknown Nmap finished: 1 IP address (1 host up) scanned in 7.309 seconds nike:~# nmap localhost -p 1- -sS -sU Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-25 22:54 CET Interesting ports on localhost (127.0.0.1): Not shown: 131069 closed ports PORT STATE SERVICE 57368/udp open unknown Nmap finished: 1 IP address (1 host up) scanned in 7.210 seconds nike:~# nmap localhost -p 1- -sS -sU Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-25 22:54 CET Interesting ports on localhost (127.0.0.1): Not shown: 131069 closed ports PORT STATE SERVICE 53108/udp open unknown Nmap finished: 1 IP address (1 host up) scanned in 7.256 seconds nike:~# nmap localhost -p 1- -sS -sU Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-25 22:54 CET Interesting ports on localhost (127.0.0.1): Not shown: 131069 closed ports PORT STATE SERVICE 45007/udp open unknown Nmap finished: 1 IP address (1 host up) scanned in 7.214 seconds nike:~# ps ax PID TTY STAT TIME COMMAND 1 ? Ss 0:01 init [S] 2 ? S< 0:00 [kthreadd] 3 ? S< 0:00 [migration/0] 4 ? SN 0:00 [ksoftirqd/0] 5 ? S< 0:00 [watchdog/0] 6 ? S< 0:00 [events/0] 7 ? S< 0:00 [khelper] 25 ? S< 0:00 [kblockd/0] 26 ? S< 0:00 [kacpid] 27 ? S< 0:00 [kacpi_notify] 122 ? S< 0:00 [kseriod] 140 ? S 0:00 [pdflush] 141 ? S 0:00 [pdflush] 142 ? S< 0:00 [kswapd0] 143 ? S< 0:00 [aio/0] 583 ? S< 0:00 [ata/0] 585 ? S< 0:00 [ata_aux] 586 ? S< 0:00 [ksuspend_usbd] 588 ? S< 0:00 [khubd] 590 ? S< 0:00 [scsi_eh_0] 592 ? S< 0:00 [scsi_eh_1] 1086 ? S< 0:00 [ksnapd] 1141 ? S< 0:00 [kcryptd/0] 1293 ? S< 0:00 [kjournald] 1899 ? S< 0:00 [kpsmoused] 1945 ? S< 0:00 [pccardd] 2401 ? S< 0:00 [kjournald] 2402 ? S< 0:00 [kjournald] 2857 tty1 Ss 0:00 init [S] 2860 tty1 S 0:00 bash 2895 tty1 S+ 0:00 script 2896 tty1 R+ 0:00 script 2897 pts/0 Ss 0:00 bash -i 2902 pts/0 R+ 0:00 ps ax nike:~# netstat -tuapen Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name nike:~# netstat -tulpen Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name nike:~# exit exit Script done on Sun Nov 25 22:54:49 2007 Offenbar ist da ein Port mit wechselnder Nummer offen, dessen Programm ich nicht ausfindig machen kann (die von ps gelisteten schliesse ich jetzt mal aus). Rechner ist ein Testing, wenige Tage alt, direkt am Internet (kein NAT oder ähnliches). Muss ich mir Sorgen machen? :-/ Grüsse Martin
Attachment:
signature.asc
Description: This is a digitally signed message part.