Re: port 768

[gyst () NFG NL (Guido A.J. Stevens)]

Jose Nazario <jose () biocserver BIOC CWRU Edu> writes:

> lemme share my port-numbers file with you. i snarfed this from
> packetstorm, i seem to recall. obviously it has some limitations, ie
> linuxconf on port 98 is not listed (but more common than what is listed),
> but you get the idea. it doesn't contain trojans, though, just services.

Well, yes, but I already studied this file, and others, and didn't
find port 768 listed. I went through the RTFM routine all right.

I may be a tad simplistic here, but my reasoning is: this is my
computer, it should be able to tell me what it is doing. It is all
right to grep external documentation for exotic ports that people are
probing on my machine; as long as my machine doesn't listen to that
port anyway that is a nice way of finding out what services people
think /might/ be running. But here I got probed on a port on which
some service was actually listening. And I need to rely on some
helpful stranger to teach me that this was actually rpc.mountd
happening.

This just seems far too fuzzy a way to find out what is going on on my
machine. The machine is deterministic. It should be able to tell me
exactly what it is doing. Surely there's a *command* to find this out?
(We're talking Linux here, BTW.)

Sorry if I'm missing something obvious, I know there's a lot I don't
know, that I should know. That's why I'm asking...

:*CU#

--
***    Guido A.J. Stevens      ***    mailto:gyst () nfg nl    ***
***    Net Facilities Group    ***    tel:+31.43.3618933    ***
***    http://www.nfg.nl       ***    fax:+31.43.3560502    ***

Around the world there are networks of spy stations and spy
satellites which can intercept communications anywhere on the
planet.
[Hager, ISBN 0-908802-35-8, p.56]