l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
January 6: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2001 Dec 30 17:06

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Attempted access -- I think
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Attempted access -- I think



On 14 Jun 2001 10:27 AM or thereabouts, Cam Ellison wrote:
> jdnewmil@dcn.davis.ca.us wrote:
> As you said, it is weird.  What I have here is my linux box with a Samba
> server for my kids' machine, which my wife also uses, and netatalk for
> the Mac Powerbook I use for work.  Yes, I have a cable modem connection
> for which I use dhcp.  I have ssh set up, but have not been able to get
> the Mac set up in a way that allows me to connect, so I haven't.  I have
> proftpd running, but there's only one way in -- through my username and
> password.  I get regular hits on that, too, though only recently have I
> bothered to sic anyone one them.
> 
> > 
> > These are service (port) names.  AFAIK netstat doesn't tell you process
> > names.

Yes, those are service names...  but netstat *can* tell you the process
associated with a given connection:

# netstat -ap --inet
Proto Recv-Q Send-Q Local Address           Foreign Address         State
PID/Program name
tcp        0      0 *:www                   *:*     LISTEN  14158/httpd
tcp        0      0 127.0.0.1:domain        *:*     LISTEN  1153/named
tcp        0      0 *:ssh                   *:*     LISTEN  9347/sshd
tcp        0      0 *:smtp                  *:*     LISTEN  24993/inetd

Very useful. (and easier to read than lsof, IMHO)

> > > ntalk
> > > talk
> > > discard
> > > sunrpc

> I think I will leave sunrpc, but I have taken talk and talkd out.  I can
> find no reference to discard.  It is not in the locate db, and is not a
> Debian package.  Odd.  Does it ring any bells with you?

$ cat /etc/services | grep discard
discard         9/tcp           sink null
discard         9/udp           sink null

discard is a service left over from the old days, much like a network
/dev/null.  Anything sent to it disappears.  It runs out of inetd usually,
so you can (and probably should) just comment it out of /etc/inetd.conf

Also, do you export NFS shares from this machine?  If you do not, I
*strongly* reccomend turning off all of your RPC services. Those daemons are
just trouble if you don't really need them.  (Under debian, these services
are controlled by the 'nfs-common', 'nfs-user-server', and 'portmap'
entries in /etc/init.d/)

--Matthew
infinite@sigkill.com

--
  "There are a thousand forms of subversion, but few can equal the 
   convenience and immediacy of a cream pie"
     -- Noel Godin


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!