Portsentry Question

From: QSergio_Cu=E9llar=22?= (herrsergio_at_gmail.com)
Date: 12/30/04

  • Next message: Paul Johnson: "Re: Mysterious use of bandwidth? Any tools to nail it?" 
    Date: Thu, 30 Dec 2004 15:00:15 -0600
To: debian-user@lists.debian.org

    Hi,

    I really not sure whats happening with portsentry, before I start the
    daemon I use nmap to see the open ports:
    And I get only:

    22/tcp open ssh
    25/tcp open smtp
    80/tcp open http
    111/tcp open rpcbind

    Then i use nestat too, and I get something like this:

    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
    tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
    tcp6 0 0 :::22 :::* LISTEN
    udp 0 0 0.0.0.0:111 0.0.0.0:*

    Which I considered normal, but then I start portsentry, and I use
    again nmap the result is that the machine has a lot of open ports.
    And then I use netstat and I get the same ports reported by nmap in
    State:LISTEN.

    Is it normal that portsentry opens a lot of ports ? The version of
    portsentry that I am using is
    1.2-5, with sarge. I have used portsentry with another distro and
    this doesnt happen.

    Thanks,
    Sergio Cuéllar 

    -- 
"Meine Hoffnung soll mich leiten
Durch die Tage ohne Dich
Und die Liebe soll mich tragen
Wenn der Schmerz die Hoffnung bricht"
  • Next message: Paul Johnson: "Re: Mysterious use of bandwidth? Any tools to nail it?"

    Relevant Pages