[linux-help] Re: portscan
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Wednesday 31 October 2001 07:09 pm, you wrote:
> Thanks all.
> I have installed Nmap and it is a fine tool
> But I was wondering how do ppl use these ports to attack
> because I have found out that only finger and linuxconf are the ports
> that are opened . Is there a big risk?
from what i've heard (please, someone correct me if i'm wrong), about the
only thing someone can do w/ finger is find out usernames... (ie finger
@domain will show all users currently logged in, or you can finger
username@domain and find out some more info about a user)... this really
isn't *that* risky, but it can lead to someone finding out more information
than you might want them to know (ie: they've found out that foobar is a user
on <domain>, now they try brute force cracking of the passwd)...
i'm not sure about linuxconf, but if you don't use the web interface for
linuxconf, there's really no need to have it running... turning off the
interface will close that port... dont know how risky it is, but the more
open ports, the more possible risk... it comes down to a point where you
have to decide b/n security or convenience...
a good book with more information (albeit it may be somewhat "outdated" in
the fast-paced world of security) is Hacking Exposed and it's cousin Hacking
Linux Exposed... if nothing else, it has some great background in security
and information about historical exploits in various OS's including Windows,
NetWare, FreeBSD and Linux... i'd tell you more, but that's all i was able
to read before my wife wrapped my copy for christmas! : ^ )
oh, and securityfocus.org is another good place for security info...
gLaNDix
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
- [linux-help] Re: portscan,
Jesse Kaufman <=
|
|
