Re: [PLUG] weak linux firewall?
I had run the nmap from the internal network. From outside, the nmap looks
like the attachment I am sending. It shows that only the ssh port is up.
-Sam
> For reasons that are not important I have win2k on a partition. My
> firewall is a linux box that has only the following ports open.
>
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 80/tcp open http
> 139/tcp open netbios-ssn
> 515/tcp open printer
> 6000/tcp open X11
> 6004/tcp open X11:4
>
> When surfing the internet last night, I saw an ad that claimed my pc was
> insecure and had a snapshot of my hd, that had a pic of my folders and the
> size of my partition. Now this worries me. I know it was a pic of my comp,
> and not some generic pc because of this one folder I had.
>
> Does anyone have any thoughts on how someone could have gotten past the
> firewall and peeked into my machine?
>
> Thanks.
>
--
Samantha
-------
Real programmers do not comment their code. If it was hard to write, it
should be hard to understand.
http://taz.cs.wcupa.edu/~ssamuel
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on pool-141-158-248-199.phil.east.verizon.net (141.158.248.199):
(The 1043 ports scanned but not shown below are in state: filtered)
Port State Service
22/tcp open ssh
Nmap run completed -- 1 IP address (1 host up) scanned in 131 seconds
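
Added example (not part of the original message or its attachment): one way to compare the two scans discussed in this thread, the port table seen from the internal network and the scan run from outside, to list which services are reachable through the firewall. The function names are hypothetical, and a port missing from the external table is assumed to have been scanned and reported under nmap's "filtered" summary line.

```python
import re

# One row of nmap's plain-text port table, e.g. "22/tcp open ssh" (mail "> " quoting allowed).
PORT_LINE = re.compile(r"^\s*(?:>\s*)?(\d+)/(tcp|udp)\s+(open|closed|filtered)\s+(\S+)")

def parse_ports(text):
    """Return {(port, proto): (state, service)} for every port row in the text."""
    ports = {}
    for line in text.splitlines():
        m = PORT_LINE.match(line)
        if m:
            ports[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return ports

def compare_views(internal_text, external_text):
    """Split ports open from inside into (reachable from outside, blocked at the firewall)."""
    outside = parse_ports(external_text)
    exposed, internal_only = [], []
    for key, (state, service) in sorted(parse_ports(internal_text).items()):
        if state != "open":
            continue
        # Assumption: a port missing from the external table was scanned and is
        # covered by nmap's "not shown below are in state: filtered" line.
        ext_state = outside.get(key, ("filtered", service))[0]
        (exposed if ext_state == "open" else internal_only).append((key[0], service, ext_state))
    return exposed, internal_only

# Internal view: the port table quoted in the thread.
INTERNAL = """\
21/tcp open ftp
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
515/tcp open printer
6000/tcp open X11
6004/tcp open X11:4
"""
# External view: first rows of the attached scan, abridged.
EXTERNAL = """\
(The 1043 ports scanned but not shown below are in state: filtered)
22/tcp open ssh
81/tcp closed hosts2-ns
"""

if __name__ == "__main__":
    exposed, internal_only = compare_views(INTERNAL, EXTERNAL)
    print("open from outside:", exposed)
    for port, service, state in internal_only:
        print(f"{port} ({service}): open inside, {state} outside")
```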