Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
RE: [suse-security] TCP port 113
  • From: "oliver.z" <oliver.z@xxxxxxxxx>
  • Date: Tue, 16 Jul 2002 12:03:24 +0200
  • Message-id: <3D2D2C3C@xxxxxxxxxxxxxx>
Hey Marc

1st to output of netstat:
linux2:/var/log # netstat -ltnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
737/httpd
tcp 0 0 :::22 :::* LISTEN
720/sshd
linux2:/var/log #


and the nmap output from another machine:
linux1:/home/labuser # nmap -sS 10.51.103.115

Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on (10.51.103.115):
(The 1545 ports scanned but not shown below are in state: filtered)
Port State Service
22/tcp open ssh
80/tcp open http
113/tcp closed auth
443/tcp closed https


Nmap run completed -- 1 IP address (1 host up) scanned in 160 seconds
linux1:/home/labuser #


How I turn of this tcp port 113?
thnxs Oliver






>===== Original Message From "Herbrechter, Marc" <mh@xxxxxxxxxxxxx> =====
>oliver.z wrote:
>> could anyone explain me why I get different results when I
>> doing nmap -sS <ip>
>> from a remote site to my system and when I do nmap -sS
>> localhost on my system?
>
>You are running a packet filter, so you should know.
>
>> From remote site I get results with a closed tcp port 113,
>> with nmap with localhost not.
>
>"Not" what? "Not" closed, "not" opened?
>What does ┬┤netstat -ltnp┬┤ say?
>
>> And of course, why respond the system to tcp port 113, even
>> if inetd is not startet?
>
>Port 113 is the identd. It is not fired up by inetd in most
>cases.
>
>--
>To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>For additional commands, e-mail: suse-security-help@xxxxxxxx
>Security-related bug reports go to security@xxxxxxx, not here



< Previous Next >