Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] server-check
  • From: Bogdan Zapca <lupe@xxxxxxxxxxxxxxxxx>
  • Date: Fri, 9 Feb 2001 14:52:18 +0200 (EET)
  • Message-id: <Pine.LNX.4.21.0102091451360.16358-100000@xxxxxxxxxxxxxxxxx>
There is an exploit usually called bindshell that listens on port
31337. Try a telnet yourmachine 31337 and see.

---
Bogdan Zapca System Administrator
SC EcoSoft SA Internet Service Provider
1-7 Deva st, Cluj-Napoca, Romania Tel: +40 64 199696
PGP: http://www.itotal.ro/lupe@xxxxxxxxxxxxxxxxxxxxx
http://www.ecosoft.ro

On Fri, 9 Feb 2001, Andreas Frowein wrote:

> hey list,
>
> the last days i wanted to check my
> (older) suse-system with nmap.
> i am new to nmap and have got a
> question about the results, because
> local and remote are different:
>
> used syntax:
> nmap -sF -v -v -v ...
>
> local result (nmap V 2.02):
> Port State Protocol Service
> 21 open tcp ftp
> 22 open tcp ssh
> 25 open tcp smtp
> 53 open tcp domain
> 110 open tcp pop3
>
> remote result (nmap V. 2.53,
> working on a trusted system):
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 110/tcp open pop-3
> 139/tcp open netbios-ssn
> 8080/tcp open http-proxy
> 31337/tcp open Elite
>
> i surely know that there is NO netbios
> working and what about the port
> 31337/tcp ?
> back orifice is working on 31337/UDP
> and that just on window-boxes...but
> we are speaking of a linux-server.
> is this a problem of the "old" nmap
> version used for the local scan?
>
> does anybody know?
> any help is appreciated.
> many thanks in advance,
>
> regards,
>
> andreas
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>


< Previous Next >
This Thread
References