Barusan saya masuk ke www.hackerwhacker.com dan inilah hasil
scan port di komputer sini:
--------------------------------------------------------------------
Starting Test: #1
Description: Scan for open ports (showing ports)
Target Scanned: 200.1.2.3
Starting Time: Thu Apr 6 23:02:16 2000
______________________________________________________________
21 OPEN tcp ftp FTP or Trojan Horses Doly, Fore, Blade Runner,
Larva
______________________________________________________________
22 OPEN tcp ssh Secure Shell Login
SSH-1.5-1.2.27
______________________________________________________________
25 OPEN tcp sendmail Simple Mail Transfer or Some Trojan Horses
220 my.domain.com ESMTP
______________________________________________________________
53 OPEN tcp bind Domain Name Server
______________________________________________________________
79 OPEN tcp finger Finger or Trojan Horse Firehotcker
[200.1.2.3]
______________________________________________________________
80 OPEN tcp http World Wide Web Server or Trojan Horse Executor
HTTP/1.1 200 OK
Date: Fri, 07 Apr 2000 20:04:24 GMT
Server: Apache/1.3.9 (Unix) (Red Hat/Linux) PHP/3.0.15
Last-Modified: Fri, 07 Apr 2000 01:06:53 GMT
______________________________________________________________
110 OPEN tcp pop3 PostOffice V.3 or Trojan Horse ProMail
+OK <[EMAIL PROTECTED]>
______________________________________________________________
111 OPEN tcp portmapper portmapper, rpcbind
______________________________________________________________
119 OPEN tcp nntp Network News Transfer Protocol
201 localhost InterNetNews NNRP server INN 2.2.1 25-Aug-1999 ready
(no posting).
480 Authentication required for command
______________________________________________________________
513 OPEN tcp login BSD rlogind(8)
______________________________________________________________
514 OPEN tcp shell BSD rshd(8)
______________________________________________________________
3306 OPEN tcp mysql MySQL
______________________________________________________________
--------------------------------------------------------------------
Padahal baru diinstall di HD bersih 5 GB belum sampai seminggu yg lalu.
Maksudnya Trojan itu apakah benar sudah disusupi Trojan atau hanya
perkiraan ? Mail servernya pakai qmail. FTP-nya wu-ftpd. News Servernya
innd.
Dan untuk port-port ini - yg saya tidak tahu apakah in need or not - perlu
ditutup ? 513 dan 514.
Saya belum tahu kegunaannya.
FYI, kalau port 79 sudah saya disable di /etc/inetd.conf.
TIA
~yudi
--------------------------------------------------------------------------
Utk berhenti langganan, kirim email ke [EMAIL PROTECTED]
Informasi arsip di http://www.linux.or.id/milis.php3
Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
