Re: kako da zatvoreim odredjene portove na svom racunaru
Poslao debianex on 09.11.2005 11:06:34
kada sa svoje masine ukucam komandu ispod izlaz je kako slijedi
nmap -sT -sU -O -p 1-65535 xxx.xxx.xxx.xxx
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-09 11:57 CET
Interesting ports on xxx.xxxx.xxxx.xxx.
(The 131048 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
53/udp open|filtered domain
111/tcp open rpcbind
111/udp open|filtered rpcbind
113/tcp open auth
.........................................
.........................................
.
..............................................
i jos neki portovi........................
....................................
...........................
.............................
.-......................................
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7), Linux 2.6.3 - 2.6.8
Uptime 0.075 days (since Wed Nov 9 10:10:14 2005)
Nmap finished: 1 IP address (1 host up) scanned in 13.079 seconds
kada sa druge masine pokrenem istu komandu tada je izlaz kao ispod
nmap -sT -sU -O -p 1-65535 xxx.xxx.xxx.xxx -moja ip
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-09 12:04 CET
WARNING: Could not determine what interface to route packets through to xxx.xxx.xxx.xxx changing ping scantype to ICMP ping only
pcap_open_live: ioctl: No such device
There are several possible reasons for this, depending on your operating system:
LINUX: If you are getting Socket type not supported, try modprobe af_packet or recompile your kernel with SOCK_PACKET enabled.
*BSD: If you are getting device not configured, you need to recompile your kernel with Berkeley Packet Filter support. If you are getting No such file or directory, try creating the device (eg cd /dev; MAKEDEV; or use mknod).
SOLARIS: If you are trying to scan localhost and getting '/dev/lo0: No such file or directory', complain to Sun. I don't think Solaris can support advanced localhost scans. You can probably use "-P0 -sT localhost" though.
QUITTING!
kada pokrenem iptables -L sa svoje masine tada je izlaz kao sto slijedi
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ne kontam sve ovo a stalo mi je da skontam, molim sugestije i savjete
Hvala
nmap -sT -sU -O -p 1-65535 xxx.xxx.xxx.xxx
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-09 11:57 CET
Interesting ports on xxx.xxxx.xxxx.xxx.
(The 131048 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
53/udp open|filtered domain
111/tcp open rpcbind
111/udp open|filtered rpcbind
113/tcp open auth
.........................................
.........................................
.
..............................................
i jos neki portovi........................
....................................
...........................
.............................
.-......................................
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7), Linux 2.6.3 - 2.6.8
Uptime 0.075 days (since Wed Nov 9 10:10:14 2005)
Nmap finished: 1 IP address (1 host up) scanned in 13.079 seconds
kada sa druge masine pokrenem istu komandu tada je izlaz kao ispod
nmap -sT -sU -O -p 1-65535 xxx.xxx.xxx.xxx -moja ip
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-11-09 12:04 CET
WARNING: Could not determine what interface to route packets through to xxx.xxx.xxx.xxx changing ping scantype to ICMP ping only
pcap_open_live: ioctl: No such device
There are several possible reasons for this, depending on your operating system:
LINUX: If you are getting Socket type not supported, try modprobe af_packet or recompile your kernel with SOCK_PACKET enabled.
*BSD: If you are getting device not configured, you need to recompile your kernel with Berkeley Packet Filter support. If you are getting No such file or directory, try creating the device (eg cd /dev; MAKEDEV
SOLARIS: If you are trying to scan localhost and getting '/dev/lo0: No such file or directory', complain to Sun. I don't think Solaris can support advanced localhost scans. You can probably use "-P0 -sT localhost" though.
QUITTING!
kada pokrenem iptables -L sa svoje masine tada je izlaz kao sto slijedi
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ne kontam sve ovo a stalo mi je da skontam, molim sugestije i savjete
Hvala
Ova poruka je od: http://www.linux.hr/newbb/viewtopic.php?forum=4&topic_id=595&post_id=4014