Security Basics mailing list archives
Re: Hack?
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Tue, 1 Jul 2003 12:56:40 +0200
On 2003-06-28 Linux Security <lisec () ooty tenet res in> wrote:
My redhat 7.2 is getting hacked very frequently even i got a firewall.appended bellow is the nmap output. What may be the loophole? % nmap -sA 202.xxx.xxx.xxx Initiating ACK Scan against isp.com () The ACK Scan took 275 seconds to scan 1542 ports. Interesting ports on isp.com (): (The 1538 ports scanned but not shown below are in state: filtered) Port State Service 25/tcp UNfiltered smtp 53/tcp UNfiltered domain 80/tcp UNfiltered http 443/tcp UNfiltered https
It could be any or none of the above. You scanned only 1542 TCP ports. I suggest you run a full TCP and UDP scan first (man nmap), to see if there are other open ports than the above, and then supply the list with information on what version of what program you are running on the open ports. BTW you *are* doing the scan from somewhere outside your network, aren't you? Regards Ansgar Wiechers --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------