First Port Scan on my PC.
droid@droid-OptiPlex-GX520:~$ nmap 127.0.0.1
Starting Nmap 6.40 ( http://nmap.org ) at 2015-05-02 08:43 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0021s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
25/tcp open smtp
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
3306/tcp open mysql
Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
Next the command to check who is listening
on Port 25
droid@droid-OptiPlex-GX520:~$ sudo netstat -tunlp | grep :25
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1281/master
tcp6 0 0 ::1:25 :::* LISTEN 1281/master
To kill the process 1281
sudo kill -9 1281
A bit about Port 139 :Source
NetBIOS Session (TCP), Windows File and Printer Sharing
This is the single most dangerous port on the Internet. All "File
and Printer Sharing" on a Windows machine runs over this port.
About 10% of all users on the Internet leave their hard disks
exposed on this port. This is the first port hackers want to
connect to, and the port that firewalls block.
I have blocked all Ports using GUFW accept 80 which
I have blocked only incoming ,else will not be able to browse.
Added this iptables rule:
jedi@jedi-OptiPlex-GX520:~$ sudo iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state RELATED,ESTABLISHED -j DROP
No comments:
Post a Comment