... I am changing the subject of this thread, as it is now
clear that nterm is only a name attached by nmap to port 1026.
More details on gnome-session in the local machine:
--> lsof -i tcp:1026
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
gnome-ses 312 sb3u inet304
... I am changing the subject of this thread, as it is now
clear that nterm is only a name attached by nmap to port 1026.
More details on gnome-session in the local machine:
--> lsof -i tcp:1026
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
gnome-ses 312 sb3u inet304
... what a mess!
> This does indeed make things clear.
> Thank you, a lot...
This was referred to the explanations, of course.
Thanks!
Sergio
This does indeed make things clear.
Thank you, a lot...
Sorry Paul, I believe I misunderstood you because of ... of your
"hey - stop that", which I understood as the subject of your mail
rather than your (ambiguous) no-spam trick. It's ok ;-)
I feel better now.
Sergio
>nterm (no terminal) is a meta-package that doesnt install any
>terminalemulator. this is the default for most installs
>
>actually i dont think it is really relevant what nterm really is, cos
>that is just something nmap came up with.
>
>/paul
It is relevant because it is a tcp service that I m
>> Could you please tell me the name of the package that nterm belongs to?
>None. It is probably even no linux program. It is mentioned at:
> http://www.sdesign.com/securitytest/portlist.html
So, where does nterm come from?
Sergio
> BTW, I forwarded your bug to gnome-devel-list.
Well done. Thanks.
Sergio
>nterm: is totally wrong as it has nothing to do with gnome and is just another
> programm that listens on this port on some machines.
> (the term was found in some /etc/services)
Could you please tell me the name of the package that nterm belongs to?
Sergio
... what a mess!
> This does indeed make things clear.
> Thank you, a lot...
This was referred to the explanations, of course.
Thanks!
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
This does indeed make things clear.
Thank you, a lot...
Sorry Paul, I believe I misunderstood you because of ... of your
"hey - stop that", which I understood as the subject of your mail
rather than your (ambiguous) no-spam trick. It's ok ;-)
I feel better now.
Sergio
--
To UNSUBSCRI
>nterm (no terminal) is a meta-package that doesnt install any
>terminalemulator. this is the default for most installs
>
>actually i dont think it is really relevant what nterm really is, cos
>that is just something nmap came up with.
>
>/paul
It is relevant because it is a tcp service that I
>> Could you please tell me the name of the package that nterm belongs to?
>None. It is probably even no linux program. It is mentioned at:
> http://www.sdesign.com/securitytest/portlist.html
So, where does nterm come from?
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
> BTW, I forwarded your bug to gnome-devel-list.
Well done. Thanks.
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>nterm: is totally wrong as it has nothing to do with gnome and is just another
> programm that listens on this port on some machines.
> (the term was found in some /etc/services)
Could you please tell me the name of the package that nterm belongs to?
Sergio
--
To UNSUBSCRIB
>I suspect it's determined more by the corba layer, or something of that
>ilk, at startup-time. It would be more to the point if you did
> $ sudo netstat -pant | grep LIST | grep -Ei 'gnome|session'
>
>I think it's something Sergio's running as part of gnome-session, if not
>the session its
>If it's configurable, it should default to Off. (Like it does here,
>somehow, really.)
I agree.
> gnome-session 1.2.2.1-3 from woody
I am running gnome-session 1.0.55-2 from woody on a ppc.
Chances are that it is default to off in this later release.
Sergio
Great. So, you are running GNOME, but you have no nterm service
and gnome-session listening to it. And you are running Debian
(potato/woody?). Please report the version of gnome-session
installed on your system too. Did you do anything to avoid
this, or it comes straight out of the box? The
Christian,
I see that you do not have any service in port 1026.
Are you running GNOME at all?
Sergio
Please post the result of the following command, as root:
--> nmap your.machine.name
Do not post the machine name and IP; just the result.
nmap is a Debian package, but you can also grab it from
www.insecure.org/nmap
Sergio
>I can reproduce this bug.
>
>$ sudo netstat -np | egrep 1026
>
>Nothing.
You mean you can -not- reproduce it.
Try "netstat -anp | egrep 1026" as root.
Please follow the discussion on debian-security.
Sergio
>> This is a little confusing. I have that nterm is the name of the
>> service in port 1026, and I have gnome-session listening to it.
>
>Ports above 1024 are free for any user program like gnome-session to use.
>It's nothing to do with any nterm service. If you had an nterm service it
>would
>But was there an explanation why gnome-session has to listen on every IP
>and not only on 127.0.0.1?
No, there is no doc -a-t- -a-l-l-. It's scary!
... what is worse is that I do not manage to get rid of it.
Sergio
This is a little confusing. I have that nterm is the name of the
service in port 1026, and I have gnome-session listening to it.
I looked for manuals, docs and all sort of infos on the local system,
including searching content on /etc. I could not find anything on
nterm & gnome-session & po
... by the way, what is nterm? there are no docs on that too.
Too bad there are no docs on it.
>It has nothing to do with nterm, and it's just session management. This
>has been discussed in various fora several times now.
>I suspect it's determined more by the corba layer, or something of that
>ilk, at startup-time. It would be more to the point if you did
> $ sudo netstat -pant | grep LIST | grep -Ei 'gnome|session'
>
>I think it's something Sergio's running as part of gnome-session, if not
>the session it
>If it's configurable, it should default to Off. (Like it does here,
>somehow, really.)
I agree.
> gnome-session 1.2.2.1-3 from woody
I am running gnome-session 1.0.55-2 from woody on a ppc.
Chances are that it is default to off in this later release.
Sergio
--
To UNSUBSCRIBE, email
Package: gnome-session
Version: all versions
Severity: grave
-- Description of Bug
GNOME-SESSION makes available the "nterm" tcp/ip service in port 1026:
--> netstat -anp | egrep 1026
tcp0 0 0.0.0.0:10260.0.0.0:* LISTEN
295/gnome-session
There is
Great. So, you are running GNOME, but you have no nterm service
and gnome-session listening to it. And you are running Debian
(potato/woody?). Please report the version of gnome-session
installed on your system too. Did you do anything to avoid
this, or it comes straight out of the box? The
Christian,
I see that you do not have any service in port 1026.
Are you running GNOME at all?
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Please post the result of the following command, as root:
--> nmap your.machine.name
Do not post the machine name and IP; just the result.
nmap is a Debian package, but you can also grab it from
www.insecure.org/nmap
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
>I can reproduce this bug.
>
>$ sudo netstat -np | egrep 1026
>
>Nothing.
You mean you can -not- reproduce it.
Try "netstat -anp | egrep 1026" as root.
Please follow the discussion on debian-security.
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe".
>> This is a little confusing. I have that nterm is the name of the
>> service in port 1026, and I have gnome-session listening to it.
>
>Ports above 1024 are free for any user program like gnome-session to use.
>It's nothing to do with any nterm service. If you had an nterm service it
>woul
>But was there an explanation why gnome-session has to listen on every IP
>and not only on 127.0.0.1?
No, there is no doc -a-t- -a-l-l-. It's scary!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
... what is worse is that I do not manage to get rid of it.
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
This is a little confusing. I have that nterm is the name of the
service in port 1026, and I have gnome-session listening to it.
I looked for manuals, docs and all sort of infos on the local system,
including searching content on /etc. I could not find anything on
nterm & gnome-session & p
... by the way, what is nterm? there are no docs on that too.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Too bad there are no docs on it.
>It has nothing to do with nterm, and it's just session management. This
>has been discussed in various fora several times now.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: gnome-session
Version: all versions
Severity: grave
-- Description of Bug
GNOME-SESSION makes available the "nterm" tcp/ip service in port 1026:
--> netstat -anp | egrep 1026
tcp0 0 0.0.0.0:10260.0.0.0:* LISTEN
295/gnome-session
There i
... to the new brothers and sisters of this list,
an updated version of the tips and tricks for
running GNU/Linux:
http://www.dcs.qmw.ac.uk/~sb/PowerBook.html
Feedback welcome.
Sergio
... to the new brothers and sisters of this list,
an updated version of the tips and tricks for
running GNU/Linux:
http://www.dcs.qmw.ac.uk/~sb/PowerBook.html
Feedback welcome.
Sergio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAI
Alexander Hvostov wrote
> ...Unless you encrypt to a public key belonging to everyone on the
> mailing list, which certainly can be done, though this means
> distributing the appropriate public/private key pair, so the keys
> themselves would also have to be encrypted, probably to each
> individ
I would like to raise the problem of the security of electronic
mail. The problem popped into my mind a while ago, while reading
about Italian legislation on the privacy and, in particular, of
paper mail. I always wanted to draw the issue to the attention of the
``hi spheres'', but I am now i
> gnome-session should not be triggered if $sshagent is set.
sorry, I intended $startssh.
Sergio
pgpCK2zYnMnzH.pgp
Description: PGP signature
Hi,
I am still looking for the meaning of the nterm service,
that keeps appearing and disappearing from my list. There
does not seem to be any documentation on it. It belongs,
I see now, to gnome-session, which is triggered by gdm.
Accordig to /etc/gdm/Sessions/Gnome and Default,
gnome-ses
Oh gosh, I made a rime! :-)
Sergio
I think it is a good idea. I have that problem all the times, and
verifying by hand takes time, especially if you happen to update 150
packages at the time...
Sergio
Wichert Akkerman wrote:
> It does not log portscans
It does log portscans. Give it a try, and you'll see it.
It is also true that fakebo does more than symply logging
the port scans, that is the reason why I like it.
Sergio
--- Forwarded Message
Date: Tue, 04 Apr 2000 11:22:11 +
From: Sergio Brandano <[EMAIL PROTECTED]>
Organization: Queen Mary and Westfield College
To: [EMAIL PROTECTED]
Subject: fakebo vs nmap -sS
Hi,
I noted that fakebo does not report scans promoted using "nmap -sS".
> My thought of the day: why nmap localhost, rather than netstat -a
> or -an ?
Because it is actually "netstat -anp" that will (also) list the
services. The reason for using nmap is that it is a popular tool
for ... mapping other's people machines. As such, you may want to
know about its exis
Thank you Gareth. I certainly will improve that article as time
allows. Please feel free to actively contribute to it. If explicit
text is sent to me, I will include it in the new version, and your
name will appear in the list of contributors.
Thank's again.
All the best,
Sergio
http://www.dcs.qmw.ac.uk/~sb/PowerBook.html
Feedback and improvements are very welcome.
Thank you for your past contributions.
Sergio
> Yes, but you can run Xev (X-in-a-window) and ssh from there. This
> is safer as well if you are really paranoid, since then you trust
> the remote sshd less.
There does not seem to be a package for it. Does it come with Debian?
Sergio
Ethan Benson wrote:
>saft is controlled from /etc/inetd.conf at least it was when i somehow
>ended up with it.
In order to kill saft I had to purge the sendfile package.
Sergio
Ingemar Fällman wrote
>Start X whit the parameter '-nolisten tcp' (startx -- -nolisten tcp)
>then X wont listen on port 6000
I am using gdm. Let see how I can do that. Anyway, will this affect
ssh?
Sergio
>saft is controlled from /etc/inetd.conf at least it was when i somehow
I can see it depends on inetd, by running netstat -anp | egrep 487,
but i see no reference to it in the /etc/init.d files.
>ended up with it. printer is lpd, /etc/init.d/lprng stop. X11 is
done!
>opened whenever you s
Alexander Hvostov wrote:
> Would anyone happen to know if it's possible (without hacking the sources
> and breaking something) to disable the TCP listen ports that a great deal
> of GNOME apps seem to listen on?
I have the same need. Also, the following thing occours with exactly?
the same co
58 matches
Mail list logo
