I installed a new server with Debian stable (base system only, with ssh and
bind).
I scanned its ports with:
nmap -sS -sU -T4 -A -v -PE newserver
and found that a few ports numbered 40000 and higher are open|filtered.
When I scan newserver again I get a few other UDP ports open (different
port numbers).
When I use lsof -i or netstat on newserver I see only named and
sshd working on ports 22 and 53 TCP and UDP, and exim working on localhost
port 25. No high open UDP ports are discovered.
Why does nmap show these temporarily open high ports?
What can I do?
--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Archive: http://lists.debian.org/4C3E146D...@gmail.com
First, you can stop using nmap to do what you can do with
netstat -A inet -a
There is, after all, no need to port scan your own computer when you
can just ask it what it is doing. The ports might only be open for a
moment, but nmap has no special ability to catch such things.
Second, named is doubtless opening ports here and there to send out
and get replies to recursive queries. You could, of course, stop
having DNS service if this bothers you, though I wouldn't recommend
it. Other apps on your machine may also be opening UDP ports here and
there -- just lsof repeatedly to catch them.
--
Perry E. Metzger pe...@piermont.com
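
Added example, not part of the original thread: one way to do the "lsof repeatedly" check above is to poll /proc/net/udp, separate the UDP sockets that are always present (listeners such as port 53) from those that come and go, and look up which process owns each one. It assumes a little-endian Linux host and covers IPv4 only; the two snapshots are constructed samples, and all function names are hypothetical.

```python
import glob, os, socket, struct, time

# Constructed /proc/net/udp snapshots (not captured from a real host).
HDR = "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
ROW = "  {n}: {addr} 00000000:0000 07 00000000:00000000 00:00000000 00000000   104        0 {inode}\n"
SNAP_A = HDR + ROW.format(n=1, addr="00000000:0035", inode=1111) + ROW.format(n=2, addr="00000000:A3F1", inode=2222)
SNAP_B = HDR + ROW.format(n=1, addr="00000000:0035", inode=1111) + ROW.format(n=2, addr="00000000:C350", inode=3333)

def parse_udp_table(text):
    """Map (ip, port) -> socket inode for each row of a /proc/net/udp dump."""
    socks = {}
    for line in text.splitlines()[1:]:          # skip the header row
        f = line.split()
        if len(f) < 10:
            continue
        ip_hex, port_hex = f[1].split(":")
        # Address is a hex 32-bit word in host byte order (little-endian assumed).
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        socks[(ip, int(port_hex, 16))] = int(f[9])
    return socks

def classify(snapshots):
    """Split sockets into those in every snapshot and those that come and go."""
    tables = [set(parse_udp_table(s)) for s in snapshots]
    stable = set.intersection(*tables)
    return sorted(stable), sorted(set.union(*tables) - stable)

def owner_of(inode):
    """Find the process holding a socket inode (root needed for other users' processes)."""
    for fd in glob.glob("/proc/[0-9]*/fd/*"):
        try:
            if os.readlink(fd) == f"socket:[{inode}]":
                pid = fd.split("/")[2]
                with open(f"/proc/{pid}/comm") as c:
                    return pid, c.read().strip()
        except OSError:                         # process or fd vanished mid-scan
            continue
    return None

if __name__ == "__main__":
    seen = {}
    for _ in range(50):                         # poll for about 5 seconds
        with open("/proc/net/udp") as f:
            for key, inode in parse_udp_table(f.read()).items():
                seen.setdefault(key, owner_of(inode))
        time.sleep(0.1)
    for (ip, port), owner in sorted(seen.items()):
        print(ip, port, owner)
```

Run as root on the server while the scan is in progress; a socket that closes between the table read and the owner lookup is reported with owner None.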
Are you scanning from the same computer? Try scanning from a remote
host.
Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic