On Mon, 5 Mar 2001, Giovanni P. Tirloni wrote:

> Hi folks,
>
> Just to add some extra info I'd like to say that I've seen nmap reporting
> such open ports a lot of times while doing port scans on my machines and
> friend's machines too.
>
> Mainly I was certifying myself of which ports I had left open after a
> _fresh_ install so, IMO, this is something related to nmap itself
> reporting such ports wrongly and not with any kind of h4x0r 4ct1v1ty.
> Perhaps, in some way, FreeBSD sends some kind of packet with options
> that make nmap report it that way. I really don't know.

BIND likes to use a port in area above 1024 for outgoing queries, so
you're going to see nmap hit that pretty consistantly. Other than that, I
don't think you should be seeing any false positives.

Mike "Silby" Silbersack

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]