I think the point you were trying to make (and I could be WAY off here) is that all machines have some kind of netstat command that shows what ports are listening. "netstat -a" is very cross platform. It works on all versions of Windows and Unix that I've seen (I have no idea if there's a Mac equivalent, tho) and it'll give you a definitive list of all ports that are presently in use. Combine this with the services list for each OS, and you have a fairly good list of what ports to avoid.
----------------------------------------------------------------------
Matt Rose --- mattrose at folkwolf.net --- http://folkwolf.net
Sufficiently advanced cluelessness is indistinguishable from malice
----------------------------------------------------------------------

On Tue, 29 Aug 2000, Marc Schneiders wrote:

> On Mon, 28 Aug 2000, Signal 11 wrote:
>
> > > What is wrong with this:
> >
> > Well, for starters you're using *BSD, I believe.
>
> Indeed. And what is wrong with that?? Very good to start with in the
> port quest as most other operating systems' (including M$(r)
> Windows(tm)) networking stuff is based on that, they say. Seriously,
> it is very standard unix. More people should try it. I won't say it is
> better than Linux, for I cannot provide convincing evidence for that.
> Well as far as networking standards and software goes, Apache runs
> FreeBSD, ISC.org (that maintains BIND) runs BSD/OS (now merging with
> FreeBSD). Many ISP's run FreeBSD (or BSD/OS), Yahoo does, Hotmail did
> until very recently.
> And if you really care for security, have a look at OpenBSD, which has
> the additional advantage of completely lacking any corporate backing
> :-) [To complete the picture: NetBSD runs on everything. I have it on
> an old VAX here.] Anyway, it is not good to get very Linux centric, I
> think. There is more Unix than Linux. There was Unix before Linus was.
>
> > > unclad:www {281} netstat -an |grep LISTEN
> > > tcp4 0 0 212.238.105.241.53 *.*
> > > tcp4 0 0 127.0.0.1.53 *.*
> > > tcp4 0 0 10.0.0.10.53 *.*
> >
> > Looks like you forgot your bind entries in /etc/named.conf..
>
> Why do you think that? I did not! However, I did ask netstat to give
> me numbers instead of names (-n option) or there would have been
> "domain" for 53, "http" for 80 etc. (in addition to hostnames for
> IP's, which you were expecting).
> That would not be useful to find a free port easily.
> >
> > second, you posted your IP addy to the list.
>
> Sure, if I changed nothing in the netstat output.
>
> > Third, this
> > is obviously on your firewall. I believe demon internet
> > is a New Zealand-based dialup ISP. Given the DNS entry,
> > I believe it is safe to assume you work there, as it is
> > not part of their normal dialup blocks.
>
> Come on, you must be joking. 212.238.105.241 is the real IP of a
> dialup. It resolves to demon.nl. I am with Demon NL. NL stands for The
> Netherlands. I do not work with Demon. A firewall? This is the machine
> I connect with over ISDN. Any other FreeBSD box with a normal install
> would look the same, give or take one or two lines (like port 53 and
> nfs related ports).
>
> > As a humorous aside, ns0.demon.nl is not properly rejecting
> > requests for zone xfers. I wonder whether you setup those
> > servers or not. =)
>
> No, I have set up just one (1) server [check headers to find it],
> which is not on the Demon network, with which I have nothing to do,
> apart from using them to connect from home. The server I set up does
> refuse an AXFR from anyone but a few IP's. The funny side is that my
> secondary nameserver (which is that from the company where I
> collocate, so outside my control) does allow AXFR's to the world. I
> don't mind that at all. There is so much I don't really need to hide
> about my one-server-network.
> >
> > After eliminating the well-known ports in your list,
> > we're left with:
> >
> > > tcp4 0 0 *.587 *.*
> > > tcp4 0 0 *.1022 *.*
> > > tcp4 0 0 *.2049 *.*
> > > tcp4 0 0 *.1023 *.*
> >
> > Now, I know that 1023 is not a well-known service,
> > but I often find that port open - the reason I
> > disrecall, so let's drop that one from the list.
>
> Well, you might like it when people who run FreeBSD can also use
> Freenet without additional hassle to get the right port.
> 1022/1023 is nfs related (portmap, mountd can't remember).
>
> > This leaves:
> >
> > > tcp4 0 0 *.587 *.*
> > > tcp4 0 0 *.1022 *.*
> > > tcp4 0 0 *.2049 *.*
> >
> > I'm going to also drop 587 and 1022 because they are
> > under the "1024" privileged ports. I don't know for
> > sure if Freenet runs as root, but I believe it is safe
> > to assume the developers are trying to make sure that
> > is not necessary. This leaves us with 2049, our freenet
> > node.
>
> 2049 is not a Freenet node. There was no Freenet running on the box
> (it is one of two dialups I use, so very transient, as here there is
> no flat fee phone).
> 2049 is, I presume, ... nfsd :-)
>
> > Do I get a prize?
>
> Yes! The URL for more information about FreeBSD (and lists where to
> download it): http://www.freebsd.org/
>
> --
> Marc Schneiders
>
> FreeBSD: Unleash the Daemon in your machine!
>
> _______________________________________________
> Freenet-dev mailing list
> Freenet-dev at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
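
Added example, not part of the original messages: a sketch of the "netstat plus services list" check discussed in this thread, parsing `netstat -an` output into listening ports and the set of ports a new daemon should avoid. The sample output and the small `SERVICES` table are constructed stand-ins (real use would read live netstat output and /etc/services); the function names are hypothetical. It goes slightly beyond the thread by also accepting the colon-separated layout that Linux and Windows print.

```python
# Constructed sample in FreeBSD `netstat -an` layout, modelled on the lines
# quoted in the thread (documentation addresses substituted).
SAMPLE = """\
Proto Recv-Q Send-Q  Local Address     Foreign Address    (state)
tcp4       0      0  192.0.2.1.53      *.*                LISTEN
tcp4       0      0  127.0.0.1.53      *.*                LISTEN
tcp4       0      0  *.587             *.*                LISTEN
tcp4       0      0  *.1022            *.*                LISTEN
tcp4       0      0  *.2049            *.*                LISTEN
tcp4       0      0  *.1023            *.*                LISTEN
tcp4       0      0  192.0.2.1.1045    198.51.100.7.80    ESTABLISHED
"""

# Constructed stand-in for /etc/services; real use would parse that file.
SERVICES = {53: "domain", 80: "http", 587: "submission", 2049: "nfsd"}
WILDCARDS = {"*", "0.0.0.0", "::", "[::]"}


def listening_ports(netstat_text):
    """Map each listening TCP port to the set of addresses it is bound on."""
    ports = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue
        if not fields[-1].startswith("LISTEN"):  # LISTEN (Unix), LISTENING (Windows)
            continue
        local = fields[-3]  # last three columns: local address, foreign address, state
        # The port follows the last separator: "." on BSD, ":" on Linux and Windows.
        cut = max(local.rfind("."), local.rfind(":"))
        addr, port = local[:cut], local[cut + 1:]
        if cut < 0 or not port.isdigit():
            continue
        ports.setdefault(int(port), set()).add(addr)
    return ports


def report(ports):
    """Rows of (port, service name, below 1024, bound on all interfaces)."""
    return [(p, SERVICES.get(p, "unknown"), p < 1024, bool(ports[p] & WILDCARDS))
            for p in sorted(ports)]


def ports_to_avoid(ports):
    """Ports in use now plus ports a known service may claim later."""
    return sorted(set(ports) | set(SERVICES))


if __name__ == "__main__":
    for row in report(listening_ports(SAMPLE)):
        print("%5d  %-10s privileged=%-5s wildcard=%s" % row)
```

A port that shows as "unknown" here, such as 1022 or 1023 in the sample, still needs a look at the owning process before it is written off, which is the mistake the thread walks through with 2049.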