[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Closing port



I use ipchains, what command I should add to this file?

On 7 Nov 2002, Damon Brinkley wrote:

> You need to find out what process is listening on that port and stop
> it.  Otherwise setup Iptables to block connections to that port.
> 
> Damon
> 
> On Thu, 2002-11-07 at 14:50, S. Khademi wrote:
> > Dear friend.
> > 
> > Recently one of my server attack by a person, he make a direstory in my 
> > /dev/ida/ path with .sys/aw name, I see open ports in my machine by nmap 
> > command and I see: 
> > 
> > Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> > Interesting ports on cisgate.iut.ac.ir (213.29.206.17):
> > (The 1531 ports scanned but not shown below are in state: closed)
> > Port       State       Service
> > 22/tcp     open        ssh
> > 25/tcp     open        smtp
> > 80/tcp     open        http
> > 111/tcp    open        sunrpc
> > 443/tcp    open        https
> > 515/tcp    open        printer
> > 993/tcp    open        imaps
> > 995/tcp    open        pop3s
> > 3128/tcp   open        squid-http
> > 6000/tcp   open        X11
> > 32774/tcp  open        sometimes-rpc11
> > 
> >  I don't know anything about sometimes-rpc11 port, and I don't know about 
> > this, How I can close this port, and what I must do for keep my server 
> > from attacking???
> > And  I want know how he attack my server.
> > Ps. My OS is linux redhat 7.2
> > By regards khademi
> > 
> >  -- 
> > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
> >  Soheila Khademi
> >                                            e-mail: khademy@yahoo.com
> >                                                   soheila@maniac.sdc.uwo.ca
> >  Network Admin                                    khademi@cc.iut.ac.ir
> >  Network Services
> >  Center For Information Services  (CIS)    http://www.iut.ac.ir
> >  Isfahan University of Technology (IUT)    Tel: 98 311 3915840-1,45
> >  Isfahan, IRAN                             Fax: 98 311 3915805
> > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
> > 
> > 
> > 
> > 
> > ------------------------------------------------------------------------
> >      To unsubscribe email security-discuss-request@linuxsecurity.com
> >          with "unsubscribe" in the subject of the message.
> > 
> > 
> 
> 
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.
> 

-- 
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
 Soheila Khademi
                                           e-mail: khademy@yahoo.com
                                                  soheila@maniac.sdc.uwo.ca
 Network Admin                                    khademi@cc.iut.ac.ir
 Network Services
 Center For Information Services  (CIS)    http://www.iut.ac.ir
 Isfahan University of Technology (IUT)    Tel: 98 311 3915840-1,45
 Isfahan, IRAN                             Fax: 98 311 3915805
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/




------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Fedora Security]

Add to Google Powered by Linux