tony mancill, 2001-Oct-20 21:22 -0700: > On Sat, 20 Oct 2001, Marc Wilson wrote: > > > On Sat, Oct 20, 2001 at 07:18:25PM -0700, Jeff Coppock wrote: > > > Just for grins, I removed every udp listing in > > > /etc/services and restarted inetd and the scan came back the > > > same. I figure this is normal, but if someone can confirm this > > > behaviour, I'd really appreciate it. > > > > Adding or removing lines in /etc/services doesn't open or close ports... > > this is a common misconception. Removing what's listening on a particular > > port is what closes that port. > > A good way to find out what process is listening on a port is to load the > lsof package and use "lsof -i" (as root so that you'll see everything). >
Hmmm, so I was under that misconception. I've started looking into what processes own these 'open' ports and using lsof -i I'm not seeing processes owning these ports. It's listing port numbers for protocols I've never heard of, let alone would use. Like 1356:cuillamartin, 2024:CAIlic and a bunch way up high. I know I'm not running these apps, but I haven't checked them all yet, although there are hundreds listed. I'm wondering if my portscan was not right: nmap -sU -P0 <host> -- Jeff Coppock Nortel Networks Systems Engineer http://nortelnetworks.com
