DaemonForums  

#1
25th November 2008
iwi
New User
Join Date: Nov 2008
Posts: 6
PF: strange port 21

Good day!

1. I set PF policy: "block all"
2. Scan OpenBSD 4.4.
3. Scanning result - system offline


1. I set PF policy:

set skip on lo
scrub in all
block all
pass in on bge0 proto tcp from any to 192.168.0.2 port {22,80}

2. Scan
3. Open ports:
21 - ftp
22 - ssh
80 - http


ps aux | grep ftp ---> no

21 ftp --- What is it???
#2
25th November 2008
jggimi
More noise than signal
Join Date: May 2008
Location: USA
Posts: 3,674

Q1: How are you doing your "scan" ? From where?

Q2: Do you have any equipment on your local network (such as a SOHO router) between your OpenBSD system and the scanning server? If there is a NAT translation between your OpenBSD system and the scanning machine, that NAT platform may have port 21 open.

Port 21 is used as the incoming (listening) port for ftp servers. If you have a default installation, the port is one of several managed by inetd(8), which starts ftpd(8) when incoming packets are sent to that port. But in the default installation, inetd.conf(5) is configured with ftpd disabled, so the port would not be open.

If you issue:

$ netstat -an | grep LISTEN

you should see if port 21 is open or not.

If it is, the command:

$ fstat | grep ":21"

should tell you what process has opened it.
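
Added example, not part of jggimi's post or of the thread: a shell sketch of the check described above, comparing the ports a remote scanner reports with the ports the host itself has in LISTEN state. The function names and the sample netstat text are assumptions constructed for illustration; the parser expects the BSD `netstat -an` layout, where the port is the last dot-separated part of the local address.

```sh
#!/bin/sh
# Added example: compare a remote scan result with the host's own listeners.
# Expects `netstat -an` text in BSD layout (local address as addr.port).

# Print each TCP port in LISTEN state, one per line, numerically sorted.
listening_ports() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
             n = split($4, part, ".")   # port is the last dot-separated piece
             print part[n]
         }' | sort -n -u
}

# $1: space-separated ports the remote scanner reported open.
# stdin: netstat -an output taken on the scanned host.
# Prints every reported port that has no local listener.
phantom_ports() {
    listeners=$(listening_ports)
    for port in $1; do
        echo "$listeners" | grep -qx "$port" || echo "$port"
    done
}

# Constructed sample, not output from the poster's machine.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp          0      0  192.168.0.2.22         192.168.0.77.51234     ESTABLISHED
tcp          0      0  *.22                   *.*                    LISTEN
tcp          0      0  *.80                   *.*                    LISTEN
tcp          0      0  127.0.0.1.25           *.*                    LISTEN
tcp6         0      0  *.22                   *.*                    LISTEN
EOF
}

# On a live host: netstat -an | phantom_ports "21 22 80"
sample_netstat | phantom_ports "21 22 80"
```

A port printed here was reported open by the scanner although nothing on the host listens on it, which points the investigation at the path between the two machines or at the scanning machine itself; rescanning from a second machine separates those cases.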
#3
25th November 2008
iwi
New User
Join Date: Nov 2008
Posts: 6

I installed OpenBSD 4.4 on my workstation and scanned it from a notebook (Windows XP).

workstation----switch----notebook

I checked all possible sources of port 21 appearing:

1. ps aux | grep ftp
2. cat /etc/inetd.conf | grep ftp
3. netstat
4. fstat
5. (from Windows XP) telnet my_workstation 21 (grab banner)

nothing


Then I decided to scan the workstation from a Unix system. I was surprised when I saw that nmap shows only ports 22 and 80.

To my mind it is a problem with the scanner on Windows XP. But I don't understand why I can connect to the workstation from Windows XP with "telnet workstation 21".
#4
25th November 2008
iwi
New User
Join Date: Nov 2008
Posts: 6

It's not an OpenBSD problem!!!!

Trouble with Windows XP