Hi, Am Montag, den 18.08.2008, 13:39 +0200 schrieb Rorschach: > $ sudo nmap -sS -A 192.168.0.202 > Starting Nmap 4.53 ( http://insecure.org ) at 2008-08-18 13:26 CEST > SCRIPT ENGINE: rpcinfo.nse is not a file. > SCRIPT ENGINE: Aborting script scan. > Interesting ports on 192.168.0.202: > Not shown: 1712 closed ports > PORT STATE SERVICE VERSION > 22/tcp open ssh Dropbear sshd 0.51 (protocol 2.0) > 6000/tcp open X11 (access denied) > MAC Address: B6:EA:FE:36:73:B3 (Unknown) > Device type: general purpose > Running: Linux 2.6.X > OS details: Linux 2.6.13 - 2.6.20 > Uptime: 248.551 days (since Thu Dec 13 23:13:47 2007) > Network Distance: 1 hop > Service Info: OS: Unix > > OS and Service detection performed. Please report any incorrect results at > http://insecure.org/nmap/submit/ . > Nmap done: 1 IP address (1 host up) scanned in 23.939 seconds > > Alsa a netstat -tulpen done on the device direclty: > > # netstat -tulpen > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State > User Inode PID/Program name > tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN > 0 1822 1127/X > tcp6 0 0 :::6000 :::* LISTEN > 0 1821 1127/X > tcp6 0 0 :::22 :::* > LISTEN 0 1771 1102/dropbear > > > So the Xserver is listening to tcp-connections by default. Is this necessary? > I tried to deactivated but found: > > debian-gta02:/etc/X11# cat xinit/xserverrc > #!/bin/sh > > # $Id: xserverrc 189 2005-06-11 00:04:27Z branden $ > > exec /usr/bin/X11/X -nolisten tcp > > #!/bin/sh > > # $Id: xserverrc 189 2005-06-11 00:04:27Z branden $ > > exec /usr/bin/X11/X -nolisten tcp > > > So it seems to be already deactivated and should run __without__ an open port > because of -nolisten tcp. But why is the port open nevertheless? Any idea how > to deactivate it?
A good point that you have discovered there. Maybe we override the X options in /etc/init.d/zhone-session? If you find out how to properly disable this, please let me know, so I can adjust the init.d file. Greetings, Joachim -- Joachim "nomeata" Breitner Debian Developer [EMAIL PROTECTED] | ICQ# 74513189 | GPG-Keyid: 4743206C JID: [EMAIL PROTECTED] | http://people.debian.org/~nomeata
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
_______________________________________________ support mailing list [email protected] https://lists.openmoko.org/mailman/listinfo/support
