[ale] nmap shows evil open ports

Amarendra Godbole (Intl Vendor) v-amarg at microsoft.com
Fri Jul 26 00:24:56 EDT 2002


> Without being terribly specific on this open list...
> nmap shows I have some open ports which are
> well-known Win virus/control ports. Portsentry
> doesn't indicate that there is any traffic on any of them
> but they *are* open. How do I find out which processes
> opened them and how do I close these ports?

You can go for a packet filter, ipchains or iptables. Follow the
paranoid approach, ``Deny all, allow selective.'' Yes, you need to be
careful while you craft this packet filter.

--amar

--
Amarendra A. Godbole / Microsoft ``Services For UNIX'' / These opinions
are _MINE_.
If anything can go wrong, _FIX_ it. (To hell with MURPHY)


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.






More information about the Ale mailing list