Re: Weird TCP 1755 port on freebsd box

[Jackson Alley <toomanymirrors () yahoo com>]

You can also check using FreeBSD's sockstat which i love :)

just had to plug that part of FreeBSD but it also seemed useful

TooManyMirrors
On 2003.10.06 16:12, Ranjeet Shetye wrote:
> On Fri, 2003-10-03 at 16:27, Rick Zhong wrote:
> > hi, all
> > this is really strange. I detected opened 1755 (wms) port on my
> freebsd box.
> > (i use nmap to scan and also verify it using telnet to the port.)
> However i
> > cannot find  any services which is using this port on my server. (it
> seems
> > all the machine in this IP range opens 1755 port according to nmap,
> this
> > is very weird)
> >
> > Also i tried to block the incoming traffic to this port by adding
> (deny from
> > any to myaddress 1755 ) to my ipfw rules , but it seems i can still
> reach
> > the port. Meanwhile snort also detects a lot of cyberkit ICMP
> (Welchia i
> > believe) packets targeting at port 135 on my server.
> >
> > Anyone can give me some enlightment on this . thanks.
> >
> > regards,
> > Rick
> >
> >
> >
> >
> >
> > 
> ---------------------------------------------------------------------------
> > 
> ----------------------------------------------------------------------------
>
> what does netstat -tupan tell you ?
> --
>
> Ranjeet Shetye
> Senior Software Engineer
> Zultys Technologies
> Ranjeet dot Shetye2 at Zultys dot com
> http://www.zultys.com/
>
> The views, opinions, and judgements expressed in this message are
> solely
> those of the author. The message contents have not been reviewed or
> approved by Zultys.
>
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------