Bob Miller wrote:
Ben Barrett wrote:
And in general, how can one tell what processes are bound to what ports?
lsof -i Run it as root or as yourself.
Also netstat and netstat -a.
Also: I am confused about ports being open when there are no services
running on them...
So am I. lsof will
On Wed, Jan 16, 2002 at 01:42:14PM -0800, Ben Barrett wrote:
[root@benBox /etc]# telnet localhost 6667
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
Connection closed by foreign host.
portsentry actually binds to
the list of ports in
Jacob Meuser wrote:
On Wed, Jan 16, 2002 at 01:42:14PM -0800, Ben Barrett wrote:
[root@benBox /etc]# telnet localhost 6667
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
Connection closed by foreign host.
portsentry actually binds to
the list of ports in
Jacob Meuser wrote:
Is the idea behind portsentry to ba a fly catcher (I can think
of any other reason to fake services), an if so, how would listening
on 127.0.0.1 achieve this?
Yes, I think that's a decent description. The opening of
otherwise-unused ports
definately seems like bait to
Kahli R. Burke wrote:
It looks like portsentry just binds to all interfaces instead of being
selective and only binding to a specific interface like a publically
connected ethernet card. So, it doesn't really care whether it's
coming from the loopback device or eth0 or whatever. This
On Wed, Jan 16, 2002 at 05:41:41PM -0800, Kahli R. Burke wrote:
Is the idea behind portsentry to ba a fly catcher (I can think
of any other reason to fake services), an if so, how would listening
on 127.0.0.1 achieve this?
(I should proof read before I send :(
It looks like portsentry
On Wed, Jan 16, 2002 at 05:38:36PM -0800, Ben Barrett wrote:
I think the idea is to try to befuddle
those who
are trying to get a system OS signature from a portscan.
scrub in on $ext_if all
block in log quick on $ext_if inet proto tcp from any to any flags FUP/FUP
pass out on $ext_if inet
On Wed, Jan 16, 2002 at 05:46:19PM -0800, Ben Barrett wrote:
I
agree in that it helps to bring more advanced network security tools
to common users. However, for anyone really having a handle on network
security OR trying to (!), I think it does impede understanding.
Then it only
Jacob Meuser wrote:
scrub in on $ext_if all
block in log quick on $ext_if inet proto tcp from any to any flags FUP/FUP
pass out on $ext_if inet proto tcp from { $my_ip(s) } to any modulate state
Does a pretty good job.
For those of you who are LINUX geeks, not OpenBSD geeks, that
stuff
Jacob Meuser wrote:
Then it only creates confusion, and opens ports and makes people
feel safe ???
Security through non-sequitur. It's like banning in-flight meals on
commercial airliners. Well fed passengers might be terrorists.
--
Bob Miller Kbob
kbobsoft
On Tue, 8 Jan 2002, Linux Rocks ! wrote:
Chris,
I have to wonder why a cyborg would use a twidler?
This message entered with a Twiddler2, the choice of today's cyborg.
OK. Quasi-cyborg. Real cyborgs will be hard-wired to their digital parts.
-Chris
11 matches
Mail list logo