It is not any problem being sure. Having a cable modem connection does make
you more vulnerable than, perhaps, using a DSL. Does he have a dynamic IP or
static?
How long WAS the system up before the firewall was built?
Remember, you may not actually be running any service on that port, and your
firewall is filtering the port, as indicated by nmap. Even if you are not
running any service on a given port detected by nmap, nmap will simply
provide a name of a service that commonly uses that port. That initially
confused me when I first began using nmap. I thought if it said
"Backorifice" on port 31337, that meant that Backorifice was installed and
running on that port. That is not what it meant. It meant that port 31337
was often used by Backorifice.
Having detected that port with nmap, I could then run a program (backorifice,
for instance) and see if that port was listening and active. In the case
where nmap showed all the windoze boxes with Backorifice on port 31337, not a
one of them had it actually installed and running (it is more than just a
hacker tool, it can be used as a remote administration tool like PCAnywhere,
only it is free). It is merely a heads up/give you information kind of thing
that nmap does.
On Wednesday 07 February 2001 11:23, dany allard you wrote:
> Praedor
>
> Thanks for the quick reply
>
> The machines is using @home (cable modem connection).
[...]
--
Against stupidity, the gods themselves contend in vain.
