[Techtalk] How to block ports

Kai MacTane kmactane at gothpunk.com
Fri May 16 23:51:53 UTC 2008


Vonda wrote:
> 
> Firestarter's great.  But - that's the one where all the hits were 
> contributing to the paranoia that had me checking netstat, then running 
> and screaming, etc.  Nice to know it wasn't just ushering in those 
> Chinese addys and showing them right to the back door, after all.  
> Shieldsup shows everything's stealthed too.  It's just that the hits 
> just keep on comin. 

When I want to know what's open on a system I admin, I just nmap it. You 
can get nmap from http://nmap.org/ (big surprise, huh?). You might want 
to be careful about running it against other people's machines, since 
this program *is* a port-scanner, but running it against your own 
machine is not a problem.

Note that "nmap localhost" or "nmap 127.0.0.1" may bypass your firewall 
(if you have one) and show you services that are running, but which have 
been firewalled so that nobody else in the world can reach them. Whereas 
"nmap your.fully.qualified.domain.name" or "nmap your.public.ip.address" 
will show you what the rest of the world sees.

                                                 --Kai MacTane
----------------------------------------------------------------------
"She's gonna dream up the world she wants to live in,
  She's gonna dream out loud.
  Dream out loud."
                                                 --U2,
                                                  "Zooropa"
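
The loopback-versus-public comparison described in the message above, as an added example that is not part of the original post: it reads two saved nmap scans in greppable (-oG) format and lists the TCP ports that are open on loopback but not on the public address. The file names, the function names and the sample scan lines (including the documentation address 203.0.113.10) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Produce the two inputs with:
#   nmap -oG loopback.gnmap 127.0.0.1
#   nmap -oG public.gnmap your.public.ip.address
# Running the second scan from another machine you control gives the
# outside view without relying on how the local host routes to itself.

# Read greppable (-oG) output on stdin; print open TCP ports, one per line.
open_ports() {
    awk -F'\t' '{
        for (i = 1; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue
            ports = $i
            sub(/^Ports: /, "", ports)
            n = split(ports, entry, /, */)
            for (j = 1; j <= n; j++) {
                split(entry[j], f, "/")   # port/state/protocol/owner/service/...
                if (f[2] == "open" && f[3] == "tcp") print f[1]
            }
        }
    }' | LC_ALL=C sort -u
}

# usage: local_only LOOPBACK_SCAN PUBLIC_SCAN
# Prints ports open in the first scan but not open in the second:
# services that are running but firewalled or bound to loopback only.
local_only() {
    lo_list=$(mktemp) || return 1
    pub_list=$(mktemp) || { rm -f "$lo_list"; return 1; }
    open_ports < "$1" > "$lo_list"
    open_ports < "$2" > "$pub_list"
    LC_ALL=C comm -23 "$lo_list" "$pub_list"
    rm -f "$lo_list" "$pub_list"
}

# Constructed sample scans (not real results): ssh is reachable from both
# sides, ipp is filtered from outside, mysql is not visible from outside.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'Host: 127.0.0.1 (localhost)\tPorts: 22/open/tcp//ssh///, 631/open/tcp//ipp///, 3306/open/tcp//mysql///\tIgnored State: closed (1712)\n' > "$dir/loopback.gnmap"
    printf 'Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 631/filtered/tcp//ipp///\tIgnored State: filtered (1713)\n' > "$dir/public.gnmap"
    local_only "$dir/loopback.gnmap" "$dir/public.gnmap"
    rm -rf "$dir"
}

demo
```

An empty result means every service nmap found on loopback is also open from the public side, which is the case worth reviewing against the firewall rules.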

