Permissions

On SL 6 I get this.

No ports are open in ShieldsUp, but then it is scanning my router. Should I leave as is ?

 

Nmap will tell you nothing unless you run it from a remote host. The ports you have open are not listening at the WAN. They are bound to localhost. In other words, people on the Internet cannot see them.

 

Funny Can you simply try:

sudo netstat -tulpen

I will

 

Okay, here we go:

 

tlu's command on Scientific Linux ..

# netstat -tulpen | grep -v '127.0.0.1' | grep -v '::1:'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 11708 1110/rpcbind
tcp 0 0 0.0.0.0:35347 0.0.0.0:* LISTEN 29 12238 1209/rpc.statd
tcp 0 0 :::42536 :::* LISTEN 29 12246 1209/rpc.statd
tcp 0 0 :::111 :::* LISTEN 0 11713 1110/rpcbind
tcp 0 0 :::515 :::* LISTEN 0 13453 1438/xinetd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 70 12050 1188/avahi-daemon:
udp 0 0 0.0.0.0:111 0.0.0.0:* 0 11703 1110/rpcbind
udp 0 0 0.0.0.0:631 0.0.0.0:* 0 12490 1273/cupsd
udp 0 0 192.168.0.2:123 0.0.0.0:* 38 154768 1446/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 0 13401 1446/ntpd
udp 0 0 0.0.0.0:37934 0.0.0.0:* 70 12051 1188/avahi-daemon:
udp 0 0 0.0.0.0:961 0.0.0.0:* 0 12228 1209/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 154592 11754/dhclient
udp 0 0 0.0.0.0:55120 0.0.0.0:* 29 12234 1209/rpc.statd
udp 0 0 0.0.0.0:861 0.0.0.0:* 0 11707 1110/rpcbind
udp 0 0 :::111 :::* 0 11710 1110/rpcbind
udp 0 0 fu80::21c:c0ff:feak:123 :::* 0 13407 1446/ntpd
udp 0 0 :::123 :::* 0 13402 1446/ntpd
udp 0 0 :::35156 :::* 29 12242 1209/rpc.statd
udp 0 0 :::861 :::* 0 11712 1110/rpcbind
[root@localhost]#

Nothing to worry about at all.

and on Ubuntu ..

$ sudo netstat -tulpen | grep -v '127.0.0.1' | grep -v '::1:'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
udp 0 0 0.0.0.0:5353 0.0.0.0:* 104 5289 1075/avahi-daemon:
udp 0 0 0.0.0.0:57923 0.0.0.0:* 104 5290 1075/avahi-daemon:
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 12500 2243/dhclient
$

 

can any check who is not behind router with online status yes i agree its local penetration check

can anyone check it from lan and from wan (online) and give status

grc.com and http://nmap-online.com/


for wan check sorry i am running astaro gateway it wont let me run nmap even on lan i have me make too many rules for it and disable many features

 

my fedora 13 zen map status i disable all services i dont need

 

Some more useful commands.

sudo nmap -T Aggressive -A -v 127.0.0.1 -p 1-65000

sudo netstat --tcp --udp --listening --program

sudo lsof +M -i4

Example from my Ubuntu:-

Code:

~$ sudo lsof +M -i4
COMMAND    PID        USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
avahi-dae 1075       avahi   13u  IPv4   5289      0t0  UDP *:mdns 
avahi-dae 1075       avahi   14u  IPv4   5290      0t0  UDP *:57923 
exim4     1526 Debian-exim    3u  IPv4   5730      0t0  TCP localhost:smtp (LISTEN)
hddtemp   1582        root    0u  IPv4   6167      0t0  TCP localhost:7634 (LISTEN)
cupsd     1612        root    7u  IPv4  23357      0t0  TCP localhost:ipp (LISTEN)
dhclient  5429        root    5w  IPv4 134010      0t0  UDP *:bootpc 

~$ 

 

netstat -tulpen | grep -v '127.0.0.1' | grep -v '::1:'

on fedora works on ubuntu something wrong