[lug] Firewall / Lockdown questions
Hugh Brown
hugh at math.byu.edu
Tue Jul 31 22:54:33 MDT 2007
dio2002 at indra.com wrote:
>> You can find out exactly what is running on those ports by doing:
>>
>> sudo /sbin/fuser 623/tcp
>> sudo /sbin/fuser 664/tcp
>>
>> This will return the PIDs using this port> then you can do ps auxww |
>> grep <PID>.
>
> I run the cmds as root on the targethost and get absolutely no output?
>
> # fuser 664/tcp
> # fuser 623/tcp
>
> Yet from a remote host i still get:
>
> # nmap targethost
>
> PORT STATE SERVICE
> 623/tcp filtered unknown
> 664/tcp filtered unknown
>
> How do i decipher that?
>
Most likely a network provider between where you ran nmap and your
webserver box is filtering those ports and nmap is reporting it.
Hugh
More information about the LUG
mailing list