Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 22, 2005, 2:26 pm
rate this thread
I have two questions:
1. I ran nmap localhost on my linux system (Fedora Core2) and got the
[root@dev root]$ nmap dev
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-06-22
Interesting ports on dev (127.0.0.1):
(The 1650 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
873/tcp open rsync
5801/tcp open vnc-http-1
5901/tcp open vnc-1
6001/tcp open X11:1
8081/tcp open blackice-icecap
32770/tcp open sometimes-rpc3
Nmap run completed -- 1 IP address (1 host up) scanned in 1.181
What is blackice-icecap?? Is this the default firewall with Fedora?
IPTABLES/Netfilter? Where can I find this on my system?
2. After running an nmap scan against my system I get the following
TCP Sequence Prediction: Class=random positive increments
Difficulty=3453555 (Good luck!)
TCP ISN Seq. Numbers: A27DF379 A2CE22B0 A24361C6 A1E5AC5A A26CCB76
IPID Sequence Generation: All zeros
The IPID Sequence is all zeros. From my initial research I've done on
google I've read that this is a problem with my linux kernel. Is this
correct? Updating my kernel is fix this. Is this a problem? What
are the consequences of this being all zeros?
Thanks for any links and advice.
not pass through your firewall. Try scanning from another machine.
8081 I have seen is a web log port for McAfee. Try browsing to it and
As for the TCP sequence prediction, what you see is a good thing
(Class=random positive increments). You want your TCP sequence to be
unpredictable, otherwise you are suspectable to idle scans. Your
Difficulty=3453555 (Good luck!) is good, many Windows systems still
use incremental sequences nad are vulnerable to idle scans
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security