Subject: port 511. help needed.
From: Nazri Hussain (nazrihMIMOS.MY)
Date: Tue Oct 24 2000 - 21:13:42 CDT


Hi everybody,

Recently, I port scanned (using nmap) my own server and found that port
511 is open for connection. I was wondering what port 511 is used for.
Can I close it, and how?

Here are my details:

1. scan port using nmap
--------------------------------------------------
[rootpenguin /root]# nmap -sS -v mydomain.com

Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ )
Host (www.xxx.yyy.zzz) appears to be up ... good.
Initiating SYN Stealth Scan against (www.xxx.yyy.zzz)
Adding TCP port 3306 (state open).
Adding TCP port 80 (state open).
Adding TCP port 511 (state open).
Adding TCP port 22 (state open).
The SYN Stealth Scan took 1 second to scan 1534 ports.
Interesting ports on (www.xxx.yyy.zzz):
(The 1526 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
80/tcp     open        http
511/tcp    open        passgo
3306/tcp   open        mysql

Nmap run completed -- 1 IP address (1 host up) scanned in 2 seconds

--------------------------------------------------

2. netstat -a
--------------------------------------------------
[rootmydomain /]# netstat -a | less
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:511                   *:*                     LISTEN
tcp        0      0 *:www                   *:*                     LISTEN
tcp        0      0 *:mysql                 *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0     20 mydomain.com:ssh        bpp82.domain.com:1035   ESTABLISHED
raw        0      0 *:6                     *:*
raw        0      0 *:1                     *:*
--------------------------------------------------

3. lsof
--------------------------------------------------
[rootmydomain /]# lsof | less
COMMAND   PID USER   FD   TYPE DEVICE   SIZE   NODE NAME
in.inetd  139 root  cwd    DIR   8,17   4096      2 /
in.inetd  139 root  rtd    DIR   8,17   4096      2 /
in.inetd  139 root  txt    REG    8,6 282116  51251 /usr/sbin/in.inetd
in.inetd  139 root    0u   CHR    5,1        208869 /dev/console
in.inetd  139 root    1u   CHR    5,1        208869 /dev/console
in.inetd  139 root    2u   CHR    5,1        208869 /dev/console
in.inetd  139 root    3r  FIFO    0,0             6 pipe
in.inetd  139 root    4w  FIFO    0,0             6 pipe
in.inetd  139 root    5r  FIFO    0,0             7 pipe
in.inetd  139 root    6w  FIFO    0,0             7 pipe
in.inetd  139 root    7u  IPv4    153           TCP *:511 (LISTEN)
in.inetd  139 root   21w  FIFO    0,0             8 pipe
--------------------------------------------------

I've also checked the "/etc/inetd.conf" file, but nothing is mentioned about
the "passgo" service.

Please help.
Thanks in advance.

Bye.

-------------
Nazri Hussain