Firewall Wizards mailing list archives
Port 37628....Is it just another port or out of the extra ordinary???
From: InHisGrip <servie_platon () yahoo com>
Date: Wed, 21 Jul 2004 16:52:51 -0700 (PDT)
Hi everyone, I have setup an apache web server in my small home network and have configured this web server by enabling port forwarding for web requests and redirection using a non standard port other than port 80. I have also used my dns registrar/provider in particular dyndns.org to do the job of custom dns and redirecting web traffic on my host machine. My question is related to security/firewall and in particular with linux ports being compromised. Based from the information below, can anyone please let me know if the information I have attached based on open ports or listening ports on the output will somehow compromise my small home network or the linux web server box I have just set up? Oh, by the way, just wanted to make sure because I have placed the web server in a DMZ port and zone from my linksys router and I think but not sure that I am being shielded and protected atleast? Likewise, I have enabled advanced firewall protection on my linksys router. Am I just paranoid, or is there something to get alarmed especially on port 37628 which has a LISTEN state on all interfaces or on the Internet? Here is a copy of my netstat -an output: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:32769 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:8090 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 192.168.1.77:8090 203.218.54.165:4061 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4060 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4063 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4059 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4073 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4072 TIME_WAIT tcp 0 0 192.168.1.77:8090 203.218.54.165:4074 TIME_WAIT udp 0 0 0.0.0.0:32768 0.0.0.0:* udp 0 0 0.0.0.0:750 0.0.0.0:* udp 0 0 0.0.0.0:111 0.0.0.0:* Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 10 [ ] DGRAM 900 /dev/log unix 2 [ ] DGRAM 1464 unix 2 [ ] DGRAM 1402 unix 2 [ ] DGRAM 1384 unix 2 [ ] DGRAM 1370 unix 2 [ ] DGRAM 1324 unix 2 [ ] DGRAM 1050 unix 2 [ ] DGRAM 966 unix 2 [ ] DGRAM 908 I am asking this question because the URL below mentioned about a trojan on his system and this could also be happening to mine. Is this a security threat both on UDP and TCP ports 32768 among others? http://www.linuxquestions.org/questions/archive/4/2002/01/2/11641 Any tips or thoughts on how to eliminate this threat would be highly appreciated. Thanks in advance. Regards, Servie __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 21)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Chuck Swiger (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Paul D. Robertson (Jul 22)
- Re: Port 37628....Is it just another port or out of theextra ordinary??? Kerry Thompson (Jul 23)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Luca Berra (Jul 22)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Devdas Bhagat (Jul 22)
- <Possible follow-ups>
- Re: Port 37628....Is it just another port or out of the extra ordinary??? InHisGrip (Jul 23)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Victor Williams (Jul 25)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Mark Tinberg (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? R. DuFresne (Jul 26)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Victor Williams (Jul 25)
- Re: Port 37628....Is it just another port or out of the extra ordinary??? Chuck Swiger (Jul 22)