> First off it's phpbb thats causing the problems. They need to keep phpBB > up to date. Second, you can't tell that the server is insecure just by > running that simple nmap command. NMap just returns areas of interest so > you can look into them further. It says aol but it's just reporting what > services are known to run on that port. For example I run my mythweb > apache server on port 1234, which nmap reports as "hotline". Many of > those services are required for most websites like http/https, ftp, ssh, > and pop3. Just because those apps are running doesn't mean the server is > insecure. They could have a firewall running and those are the open > ports (they might want to firewall mysql, however). Sorry if this is > getting too OT.
phpbb is merely a signal something needs to be done. people don't remap ports on production servers that much. I checked out most of the open ports and they are runnng their respective services, with one extra mapping. Every open service is just an invitation for exploits, and something that needs to be added to the patch watch list, so if an issue comes up it gets fixed before an exploit gets to you. Sometimes, that's not possible. ]# ftp pchdtv.com Connected to pchdtv.com (128.121.217.18). 220 ProFTPD 1.2.10 Server (ProFTPD) [128.121.217.18] Name (pchdtv.com:blah): pchdtv 331 Password required for pchdtv. Password: 530 Login incorrect. Login failed. Remote system type is UNIX. Using binary mode to transfer files. ftp> quit 221 Goodbye. ]# ssh [EMAIL PROTECTED] The authenticity of host 'pchdtv.com (128.121.217.18)' can't be established. RSA key fingerprint is d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'pchdtv.com,128.121.217.18' (RSA) to the list of known hosts. [EMAIL PROTECTED]'s password: ]# telnet pchdtv.com Trying 128.121.217.18... Connected to pchdtv.com. Escape character is '^]'. FreeBSD/i386 (powell.slcinet.net) (ttyp0) login: pchdtv Password: Login incorrect ]# finger [EMAIL PROTECTED] finger: blah: no such user ]# finger [EMAIL PROTECTED] ]# ##### Now we know pchdtv is a valid user on the server.. ]# telnet pchdtv.com 5190 Trying 128.121.217.18... Connected to pchdtv.com. Escape character is '^]'. 220 powell.slcinet.net ESMTP Sendmail 8.12.11/8.12.9; Wed, 22 Dec 2004 13:30:23 -0700 (MST) #### You were right about AIM, it's just being used as an email port. #] telnet pchdtv.com 25 Trying 128.121.217.18... Connected to pchdtv.com. Escape character is '^]'. 220 powell.slcinet.net ESMTP Sendmail 8.12.11/8.12.9; Wed, 22 Dec 2004 13:30:52 -0700 (MST) -- Anthony Vito [EMAIL PROTECTED]
_______________________________________________ mythtv-users mailing list [email protected] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
