On Thu, 25 Jan 2001, Shridhar Daithankar spewed into the ether:
> Use nmap from www.insecure.org.
> You can use any port scanner in fact...
As Shridhar didn't address the second point, I guess I will add my 2
paisa worth of comments.
> shyam wrote:
> > How do i find the open ports on my system and can i enter in
> > through them ?
Use a port scanner to scan your machine from another one. Results from
your own machine may not always be correct. (The difference is because
of lo and eth+ (or ppp+))
Then use netstat to determine which processes are bound to which port.
Only open ports to which a process is listening are possible points of
entry. If you are running old versions of wu-ftpd (or any network
enabled software), you might be in trouble if there is a known exploit
for it. If not, then you don't have to worry.
Further references:
http://www.securityfocus.com (mailing lists including bugtraq, articles
and more)
http://packetstorm.securify.net (exploits, vunerabilities and more)
http://enteract.com/~lspitz (good set of documents on security)
And the book Hacking Exposed from Prentice Hall (I would recommend the
foreign second edition over the Indian print -- the Indian one looks
like a bad reprint of the first edition of the book).
I might recommend some more, but these are good starting points for a
search.
Devdas Bhagat
--
Legislation proposed in the Illinois State Legislature, May, 1907:
"Speed upon county roads will be limited to ten miles an hour
unless the motorist sees a bailiff who does not appear to have had a
drink in 30 days, when the driver will be permitted to make what he
can."
----------------------------------------------
The mailing list archives are available at
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help
