Portsentry Question

From: QSergio_Cu=E9llar=22?= (herrsergio_at_gmail.com)
Date: 12/30/04

  • Next message: Paul Johnson: "Re: Mysterious use of bandwidth? Any tools to nail it?"
    Date: Thu, 30 Dec 2004 15:00:15 -0600
    To: debian-user@lists.debian.org
    
    

    Hi,

    I really not sure whats happening with portsentry, before I start the
    daemon I use nmap to see the open ports:
    And I get only:

    22/tcp open ssh
    25/tcp open smtp
    80/tcp open http
    111/tcp open rpcbind

    Then i use nestat too, and I get something like this:

    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
    tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
    tcp6 0 0 :::22 :::* LISTEN
    udp 0 0 0.0.0.0:111 0.0.0.0:*

    Which I considered normal, but then I start portsentry, and I use
    again nmap the result is that the machine has a lot of open ports.
    And then I use netstat and I get the same ports reported by nmap in
    State:LISTEN.

    Is it normal that portsentry opens a lot of ports ? The version of
    portsentry that I am using is
    1.2-5, with sarge. I have used portsentry with another distro and
    this doesnt happen.

    Thanks,
    Sergio Cuéllar

    -- 
    "Meine Hoffnung soll mich leiten
    Durch die Tage ohne Dich
    Und die Liebe soll mich tragen
    Wenn der Schmerz die Hoffnung bricht"
    

  • Next message: Paul Johnson: "Re: Mysterious use of bandwidth? Any tools to nail it?"

    Relevant Pages