Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
RE: [suse-security] dienst blackjack?
  • From: gtschakert@xxxxxx
  • Date: Sat, 02 Dec 2000 14:16:09 +0100 (MET)
  • Message-id: <XFMail.001202141609.gtschakert@xxxxxx>
The used language in this list is English:
Please repeat your question in English
for all the people not understanding German.


regards

Guido

On 02-Dec-00 U. Schneider wrote:
> Hallo Liste !
>
> bin gerade am Abdichten meines Systems - dank dieser Liste hab ich schon
> einige Schrauben zum drehen gefunden ... aber nmap zeigt mir
> einen seltsamen Dienst am laufen, der mir äußerst suspekt vorkommt.
> Was bitte schön ist blackjack auf Port 1025/udp ?
> Auch der unknown dienst auf Port 1024/udp ist mir verdächtig.
>
> Vielen Dank
> Gruß
> Uli
>
> Hier mal was nmap meldete:
>
> Starting nmap V. 2.53 by fyodor@xxxxxxxxxxxx ( www.insecure.org/nmap/ )
> Host localhost (127.0.0.1) appears to be up ... good.
> Initiating SYN half-open stealth scan against localhost (127.0.0.1)
> Adding TCP port 25 (state open).
> Adding TCP port 119 (state open).
> Adding TCP port 80 (state open).
> Adding TCP port 110 (state open).
> Adding TCP port 23 (state open).
> Adding TCP port 53 (state open).
> Adding TCP port 111 (state open).
> Adding TCP port 113 (state open).
> Adding TCP port 8080 (state open).
> Adding TCP port 139 (state open).
> The SYN scan took 3 seconds to scan 1541 ports.
> Initiating FIN,NULL, UDP, or Xmas stealth scan against localhost
> (127.0.0.1)
> The UDP or stealth FIN/NULL/XMAS scan took 10 seconds to scan 1541
> ports.
> For OSScan assuming that port 23 is open and port 1 is closed and
> neither are firewalled
> Interesting ports on localhost (127.0.0.1):
> (The 3063 ports scanned but not shown below are in state: closed)
> Port State Service
> 23/tcp open telnet
> 25/tcp open smtp
> 53/tcp open domain
> 53/udp open domain
> 67/udp open bootps
> 80/tcp open http
> 110/tcp open pop-3
> 111/tcp open sunrpc
> 111/udp open sunrpc
> 113/tcp open auth
> 119/tcp open nntp
> 137/udp open netbios-ns
> 138/udp open netbios-dgm
> 139/tcp open netbios-ssn
> 161/udp open snmp
> 1024/udp open unknown
> 1025/udp open blackjack
> 3130/udp open squid-ipc
> 8080/tcp open http-proxy
>
> TCP Sequence Prediction: Class=random positive increments
> Difficulty=6946651 (Good luck!)
>
> Sequence numbers: D21ADDF5 D21ADDF5 D15DB363 D15DB363 D24C7F62 D24C7F62
> Remote operating system guess: Linux 2.1.122 - 2.2.14
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 16 seconds
>
>
>
>
>
>
> ___________________________
> Disclaimer:
> The opinions expressed here are not those of my employer, my wife, my
> church, or myself...
> But they are the opinions of Elvis as revealed to me through the medium of
> my pet hamster, Lee Harvey Oswald...
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx

------------------------------------------------
Dipl.-Met. Guido Tschakert
E-Mail: guido.tschakert@xxxxxxxxxxx
Meteorologisches Institut der Universitaet Bonn
Auf dem Huegel 20
53121 Bonn
Tel.: ++49 228 / 73 - 5101
------------------------------------------------

< Previous Next >
References