I use ipchains, what command I should add to this file? On 7 Nov 2002, Damon Brinkley wrote: > You need to find out what process is listening on that port and stop > it. Otherwise setup Iptables to block connections to that port. > > Damon > > On Thu, 2002-11-07 at 14:50, S. Khademi wrote: > > Dear friend. > > > > Recently one of my server attack by a person, he make a direstory in my > > /dev/ida/ path with .sys/aw name, I see open ports in my machine by nmap > > command and I see: > > > > Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ ) > > Interesting ports on cisgate.iut.ac.ir (213.29.206.17): > > (The 1531 ports scanned but not shown below are in state: closed) > > Port State Service > > 22/tcp open ssh > > 25/tcp open smtp > > 80/tcp open http > > 111/tcp open sunrpc > > 443/tcp open https > > 515/tcp open printer > > 993/tcp open imaps > > 995/tcp open pop3s > > 3128/tcp open squid-http > > 6000/tcp open X11 > > 32774/tcp open sometimes-rpc11 > > > > I don't know anything about sometimes-rpc11 port, and I don't know about > > this, How I can close this port, and what I must do for keep my server > > from attacking??? > > And I want know how he attack my server. > > Ps. My OS is linux redhat 7.2 > > By regards khademi > > > > -- > > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ > > Soheila Khademi > > e-mail: khademy@yahoo.com > > soheila@maniac.sdc.uwo.ca > > Network Admin khademi@cc.iut.ac.ir > > Network Services > > Center For Information Services (CIS) http://www.iut.ac.ir > > Isfahan University of Technology (IUT) Tel: 98 311 3915840-1,45 > > Isfahan, IRAN Fax: 98 311 3915805 > > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ > > > > > > > > > > ------------------------------------------------------------------------ > > To unsubscribe email security-discuss-request@linuxsecurity.com > > with "unsubscribe" in the subject of the message. > > > > > > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > -- _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ Soheila Khademi e-mail: khademy@yahoo.com soheila@maniac.sdc.uwo.ca Network Admin khademi@cc.iut.ac.ir Network Services Center For Information Services (CIS) http://www.iut.ac.ir Isfahan University of Technology (IUT) Tel: 98 311 3915840-1,45 Isfahan, IRAN Fax: 98 311 3915805 _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
