From: Lindsay Haisley <fmouse-gentoo@fmp.com>
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] how to stop tracing
Date: Wed, 16 Jan 2008 12:41:04 -0600 [thread overview]
Message-ID: <1200508864.1997.20.camel@vishnu.fmp.com> (raw)
In-Reply-To: <cb9528810801160436i24a516e8ke29ec1cdb8bfbf86@mail.gmail.com>
Probably the most security-critical information here is version
information. You can often configure daemons such as the apache server
to hide version information. See, for instance:
www.debianadmin.com/apache-tipshide-apache-information-php-software-version.html
nmap also, I think, does some fairly intelligent analysis of connection
announcements from servers and compares small details in these against
the responses of known software packages and versions of same. Courier
pop3d, for instance, doesn't announce that it's the Courier POP3 daemon
when one connects to port 110, but nmap figures this out just the same.
Otherwise, as Andrew says, you're going to have to live with a certain
amount of exposure by virtue of the fact that you're running servers.
Keep up with security updates and don't do anything silly with your
configurations!
On Wed, 2008-01-16 at 18:06 +0530, widyachacra wrote:
> Dear List friends,
>
> When i scan my own domain from an out side host using 'nmap' tool it
> shows following results. How do i block this kind of tracing using
> linux. Please help me.
>
> nmap tracing result,
>
> PORT STATE SERVICE VERSION
> 25/tcp open smtp netqmail smtpd 1.04
> 53/tcp open domain
> 80/tcp open http Apache httpd 2.2.6 ((Gentoo))
> 110/tcp open pop3 Courier pop3d
> 119/tcp open ssh OpenSSH 4.7 (protocol 2.0)
> 209/tcp open tam?
> 443/tcp open http Apache httpd 2.2.6 ((Gentoo))
> 628/tcp open tcpwrapped
> 993/tcp open ssl/imap Courier Imapd (released 2005)
> 995/tcp open ssl/pop3 Courier pop3d
>
>
> --
> ---
>
> - Widyachacra Rajapaksha -
>
> * Lots of people make the mistake of thinking that Microsoft is a
> software company. That's wrong. Microsoft is an abuse company that
> uses software as a method of delivering abuse.
>
> * Never let a woman know that YOU are interested in her.
> Love is a wish that hides in your heart, and nobody knows about it but
> YOU
> Reply With Quote
--
gentoo-server@lists.gentoo.org mailing list
next prev parent reply other threads:[~2008-01-16 18:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-16 12:36 [gentoo-server] how to stop tracing widyachacra
2008-01-16 12:44 ` Andrew Gaffney
2008-01-16 18:41 ` Lindsay Haisley [this message]
2008-01-16 21:26 ` Christopher Dale
2008-01-16 21:52 ` Andrew Gaffney
2008-01-16 22:00 ` Mark Rudholm
2008-01-16 22:04 ` RijilV
2008-01-17 21:48 ` A. Khattri
-- strict thread matches above, loose matches on Subject: below --
2008-01-16 20:05 Tom Grace
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1200508864.1997.20.camel@vishnu.fmp.com \
--to=fmouse-gentoo@fmp.com \
--cc=gentoo-server@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox