Security Basics mailing list archives
Re: Weird TCP 1755 port on freebsd box
From: "Rick Zhong" <isc00801 () nus edu sg>
Date: Tue, 7 Oct 2003 05:18:10 +0800
hi, thanks for all the replies... i have realized that this weird tcp 1755 port thing is all due to the firewall (or other settings?) of my schools' network where i launch the nmap scanning and telnet. My server is outside my school's network, therefore when i use my pc (which is inside my school's firewall) to scan my freebsd box , it shows that the 1755 port is opened on the freebsd box. (i scanned all the 20 machines on the same IP segment with my server and all shows port 1755 is opened.) If i use a machine outside my school's network to scan the freebsd box, there is no 1755 port and telnet also cannot connect. Now I am just wondering what kind of firewall/LAN setting can cause nmap to get this kind of discrepancy. regards, Rick ----- Original Message ----- From: "Ranjeet Shetye" <ranjeet.shetye2 () zultys com> To: "Rick Zhong" <isc00801 () nus edu sg> Cc: <security-basics () securityfocus com> Sent: Tuesday, October 07, 2003 4:12 AM Subject: Re: Weird TCP 1755 port on freebsd box
On Fri, 2003-10-03 at 16:27, Rick Zhong wrote:hi, all this is really strange. I detected opened 1755 (wms) port on my freebsd
box.
(i use nmap to scan and also verify it using telnet to the port.)
However i
cannot find any services which is using this port on my server. (it
seems
all the machine in this IP range opens 1755 port according to nmap,
this
is very weird) Also i tried to block the incoming traffic to this port by adding (deny
from
any to myaddress 1755 ) to my ipfw rules , but it seems i can still
reach
the port. Meanwhile snort also detects a lot of cyberkit ICMP (Welchia i believe) packets targeting at port 135 on my server. Anyone can give me some enlightment on this . thanks. regards, Rick--------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
what does netstat -tupan tell you ? -- Ranjeet Shetye Senior Software Engineer Zultys Technologies Ranjeet dot Shetye2 at Zultys dot com http://www.zultys.com/ The views, opinions, and judgements expressed in this message are solely those of the author. The message contents have not been reviewed or approved by Zultys.
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Country based IPs, (continued)
- RE: Country based IPs Seyberth Allan R Contr AFRL/VSIO (Oct 02)
- Re: Country based IPs salgak (Oct 02)
- RE: Country based IPs Matthew F. Caldwell (Oct 02)
- Re: Country based IPs Meritt James (Oct 03)
- RE: Country based IPs James McKiernan (Oct 03)
- RE: Country based IPs Matthew F. Caldwell (Oct 03)
- Re: Country based IPs Meritt James (Oct 03)
- Re: Country based IPs Meritt James (Oct 03)
- Weird TCP 1755 port on freebsd box Rick Zhong (Oct 06)
- Re: Weird TCP 1755 port on freebsd box Ranjeet Shetye (Oct 06)
- Re: Weird TCP 1755 port on freebsd box Rick Zhong (Oct 06)
- Re: Weird TCP 1755 port on freebsd box Jackson Alley (Oct 08)