[vpsFree.cz: community-list] Security port 1001

Petr Krcmar petr.krcmar at vpsfree.cz
Sat Feb 15 20:33:36 CET 2014 

Dne 15.2.2014 20:20, Timotej Šiškovič napsal(a):
> nuz vo vypise netstatu ho nevidim :(
> 
> 
> On Sat, Feb 15, 2014 at 8:18 PM, Petr Krcmar <petr.krcmar at vpsfree.cz
> <mailto:petr.krcmar at vpsfree.cz>> wrote:
> 
>     Dne 15.2.2014 20:01, Timotej Šiškovič napsal(a):
>     > Caff,
>     >
>     > Akurat som sa zacal snazit riesit security trosku serioznejsie co
>     ma ale
>     > prekvapuje ze mi nmap hlasi otvoreny port 1001 na oboch VPSkach
>     obvzlast
>     > vzhladdom na iptables rules.
>     >
>     > Toto je iptables -L output:
>     >
>     >     Chain INPUT (policy ACCEPT)
>     >     target     prot opt source               destination
>     >     fail2ban-ssh  tcp  --  anywhere             anywhere
>     >     multiport dports ssh
>     >     ACCEPT     tcp  --  anywhere             anywhere             tcp
>     >     dpt:ssh
>     >     ACCEPT     tcp  --  anywhere             anywhere             tcp
>     >     dpt:http
>     >     ACCEPT     tcp  --  anywhere             anywhere             tcp
>     >     dpt:https
>     >     ACCEPT     tcp  --  anywhere             anywhere             tcp
>     >     dpt:smtp
>     >     DROP       all  --  anywhere             anywhere
>     >
>     >     Chain FORWARD (policy ACCEPT)
>     >     target     prot opt source               destination
>     >
>     >     Chain OUTPUT (policy ACCEPT)
>     >     target     prot opt source               destination
>     >
>     >     Chain fail2ban-ssh (1 references)
>     >     target     prot opt source               destination
>     >     DROP       all  --  61.174.51.208        anywhere
>     >     RETURN     all  --  anywhere             anywhere
>     >
>     >
>     > A toto mi hlasi nmap z lokalneho PC:
>     >
>     >     Starting Nmap 6.00 ( http://nmap.org ) at 2014-02-15 20:00 CET
>     >     Nmap scan report for sifro.co <http://sifro.co>
>     <http://sifro.co> (185.8.164.47)
>     >     Host is up (0.058s latency).
>     >     Not shown: 995 filtered ports
>     >     PORT     STATE SERVICE
>     >     22/tcp   open  ssh
>     >     25/tcp   open  smtp
>     >     80/tcp   open  http
>     >     443/tcp  open  https
>     >     1001/tcp open  unknown
>     >
>     >     Nmap done: 1 IP address (1 host up) scanned in 23.22 seconds
>     >
>     >
>     > Vie mi niekto povedat WTF? resp. co robim zle?
>     >
>     > Vdaka
>     >
>     >
>     > _______________________________________________
>     > Community-list mailing list
>     > Community-list at lists.vpsfree.cz
>     <mailto:Community-list at lists.vpsfree.cz>
>     > http://lists.vpsfree.cz/listinfo/community-list
>     >
> 
>     V první řadě se podívej, jaký proces na tom portu poslouchá:
> 
>     # netstat -tulpn
> 
>     --
>     Petr Krčmář
>     vpsFree.cz
>     _______________________________________________
>     Community-list mailing list
>     Community-list at lists.vpsfree.cz <mailto:Community-list at lists.vpsfree.cz>
>     http://lists.vpsfree.cz/listinfo/community-list
> 
> 
> 
> 
> _______________________________________________
> Community-list mailing list
> Community-list at lists.vpsfree.cz
> http://lists.vpsfree.cz/listinfo/community-list
> 

Mně to na tom portu píše „filtered“, takže to blokují iptables a
netuším, jestli tam něco je. Tím je to asi v pořádku.

-- 
Petr Krčmář
vpsFree.cz

More information about the Community-list mailing list