It seems to me perhaps this box has already been hacked and a redo from
scratch maybe in order.
Thanks,
Ron DuFresne
On Thu, 13 Apr 2000, Andr� Bell wrote:
> >Maybe I need to change my default input rule instead to '$IPCHAINS -P
> input -j DENY -l'. Well I just did and restarted pmfirewall. Now to test
> it against nmap and a few 3rd party servers.
>
> Well I changed the flag default to '-P' instead of '-A' and the results are
> the same. http://www.e-softinc.com says still there are eleven open ports
> found:
>
> 80 http (I want this one to remain open)
> 1080 socks not found by lsof
> 1524 ingreslock not found by lsof
> 2000 callbook lsof says this is IPv4
> 2005 deslogin lsof says this is IPv4
> 3128 squid-http lsof says this is IPv4
> 5742 trojan lsof says this is IPv4
> 6000 X11 not found by lsof, not found by nmap run locally
> 6667 irc not found by lsof
> 20034 trojan lsof says this is IPv4, not found by nmap
> 40421 trojan lsof says this is IPv4, not found by nmap
>
> Nmap run locally reports many of the the same ports plus several other
> ports not listed here. Is there any way to find if these are closed and
> not false positives as someone mentioned? It looks to me like these may
> really be open.
>
> Thanks.
>
> Andre'
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
