[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disable bootps/netbios

Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> Hi!
> I discovered something weird :)
> When doing a 'nmap -v localhost' I see;
> Port    State       Protocol  Service
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 25      open        tcp        smtp
> 80      open        tcp        http
> 110     open        tcp        pop-3
> And that's just what I want :) but when I do it remotely is see something
> else;
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 25      open        tcp        smtp
> 67      filtered    tcp        bootps
> 80      open        tcp        http
> 110     open        tcp        pop-3
> 137     filtered    tcp        netbios-ns
> 138     filtered    tcp        netbios-dgm
> 139     filtered    tcp        netbios-ssn

That is an artifact of someone blocking TCP ports 67, 137, 138 and 139
"upstream" from your system.  If you were running DHCP & Samba you would
see them in the output of "ps aux" as well as the portscan of "localhost".

> I have NO nfs or samba server running or installed on my system. I
> disabled portmap with an exit 0 @ the beginning of the script in
> /ect/init.d/portmap because I simply don't need it.

The second nmap listing shows no sign of NFS - bootps is used for bootp
and dhcp servers.

> The only thing I want to do is Serve http files and deliver mail, do
> some ftp and ssh and that's it :)
> I know questions are ALWAYS good and never stupid...but also for a new
> kid on the block? :-)

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org


Reply to: