blaggard
|
Posted: Thu May 27, 2004 1:33 pm Post subject: NMAP Port Scan |
|
|
Hi,
When I did an NMAP port scan, I got the following message:
| Quote: |
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-05-27 08:22 CDT
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1657 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
111/tcp filtered rpcbind
6000/tcp open X11
Nmap run completed -- 1 IP address (1 host up) scanned in 3.705 seconds
|
I use X11 applications at work, so I set my DISPLAY to my home PC and
run those, when I work from home.
What are the consequences of closing these ports? My PC is behind a NAT
router. Is this even an issue? When I did an internet security vulnerability
test at http://www.grc.com, it gave my PC a clean chit of security.
Thanks.
Blaggard
Last edited by blaggard on Fri May 28, 2004 1:21 pm; edited 1 time in total |
|
|
 |
jebba
|
Posted: Thu May 27, 2004 9:04 pm Post subject: |
|
|
You should filter port 6000 at your firewall. You should NOT set your DISPLAY or xhost, but just slogin to a box then run an application. slogin by default will also forward x11 connections, via port 22, encrypted.
-Jeff
|
|
|
 |
blaggard
|
Posted: Fri May 28, 2004 1:32 pm Post subject: Re:NMAP Port Scan |
|
|
Thanks, Jeff.
I set up Firestarter to filter the port 6000 also. Now both ports 111 & 6000
are filtered.
I use ssh to login to work, so what I stated in my posting was incorrect.
SSH takes care of setting the display. Sorry for the confusion.
Dumb Question 1: I occasionally use another Doze PC to login to work via VPN,
set DISPLAY to home PC, run some X apps. If I do this filtering on the router, will
it be a problem?
Dumb Question 2: What firewall would you recommend? Firestarter or
something else?
Thanks.
Blaggard
|
|
|
 |
jebba
|
Posted: Fri May 28, 2004 11:24 pm Post subject: |
|
|
1) not sure. Test it. :)
2) The kernel's iptables is what's doing the filtering. Firestarter & things like that are just GUIs to help write rule sets. So whatever one you like you can use.
|
|
|
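An added example, not part of either poster's messages: a shell check that reads nmap output, reports the state of any X11 TCP port, and prints (without applying) iptables rules of the kind a front end such as Firestarter writes. The helper names `audit_x11` and `drop_rules`, the 6000-6063 range and the sample scan are assumptions made for this example.

```shell
#!/bin/sh
# Constructed sample in nmap's normal output format, modelled on the scan
# quoted in the first post (the 6001 row is invented for illustration).
SAMPLE_SCAN='Interesting ports on localhost.localdomain (127.0.0.1):
PORT STATE SERVICE VERSION
111/tcp filtered rpcbind
6000/tcp open X11
6001/tcp filtered X11:1'

# audit_x11 (hypothetical helper): reads nmap output on stdin and prints
#   <port> <state> display=:<n>
# for every TCP port in 6000-6063 (display :N listens on 6000+N; the upper
# bound is an assumption). Returns 1 if any such port is "open", else 0.
audit_x11() {
    awk '
        $1 ~ /^[0-9]+\/tcp$/ {            # port-table rows, e.g. "6000/tcp open X11"
            split($1, p, "/")
            port = p[1] + 0
            if (port >= 6000 && port <= 6063) {
                printf "%d %s display=:%d\n", port, $2, port - 6000
                if ($2 == "open") exposed = 1
            }
        }
        END { exit (exposed ? 1 : 0) }
    '
}

# drop_rules (hypothetical helper): prints, but does not apply, iptables
# rules that leave loopback alone and drop X11 TCP from everywhere else.
drop_rules() {
    echo 'iptables -A INPUT -i lo -j ACCEPT'
    echo 'iptables -A INPUT -p tcp --dport 6000:6063 -j DROP'
}

# Demo: audit the sample; show the rules only if a display is reachable.
if ! printf '%s\n' "$SAMPLE_SCAN" | audit_x11; then
    echo "X11 is reachable over TCP; rules to review:"
    drop_rules
fi
```

A scan of 127.0.0.1 shows only the loopback view, so feed `audit_x11` a scan run from another host to see what the filter looks like from outside.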
 |