From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JFDCF-0005Zz-Ii for garchives@archives.gentoo.org; Wed, 16 Jan 2008 18:41:07 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 09FAAE043D; Wed, 16 Jan 2008 18:41:06 +0000 (UTC) Received: from shakti.fmp.com (shakti.fmp.com [216.110.12.105]) by pigeon.gentoo.org (Postfix) with ESMTP id E5DBBE043D for ; Wed, 16 Jan 2008 18:41:05 +0000 (UTC) Received: from [192.168.1.16] ([::ffff:10.8.0.7]) (AUTH: LOGIN fmouse@fmp.com) by shakti.fmp.com with esmtp; Wed, 16 Jan 2008 12:41:05 -0600 id 000000000019A534.00000000478E4FC1.00006638 Subject: Re: [gentoo-server] how to stop tracing From: Lindsay Haisley To: gentoo-server@lists.gentoo.org In-Reply-To: References: Organization: FMP Computer Services Date: Wed, 16 Jan 2008 12:41:04 -0600 Message-Id: <1200508864.1997.20.camel@vishnu.fmp.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit X-Mailer: Evolution 2.12.1 X-Archives-Salt: 0980967a-cb81-4c45-aca8-f8ddec69b8cb X-Archives-Hash: 494e63cacf40b68d7f725cfba090a928 Probably the most security-critical information here is version information. You can often configure daemons such as the apache server to hide version information. See, for instance: www.debianadmin.com/apache-tipshide-apache-information-php-software-version.html nmap also, I think, does some fairly intelligent analysis of connection announcements from servers and compares small details in these against the responses of known software packages and versions of same. Courier pop3d, for instance, doesn't announce that it's the Courier POP3 daemon when one connects to port 110, but nmap figures this out just the same. Otherwise, as Andrew says, you're going to have to live with a certain amount of exposure by virtue of the fact that you're running servers. Keep up with security updates and don't do anything silly with your configurations! On Wed, 2008-01-16 at 18:06 +0530, widyachacra wrote: > Dear List friends, > > When i scan my own domain from an out side host using 'nmap' tool it > shows following results. How do i block this kind of tracing using > linux. Please help me. > > nmap tracing result, > > PORT STATE SERVICE VERSION > 25/tcp open smtp netqmail smtpd 1.04 > 53/tcp open domain > 80/tcp open http Apache httpd 2.2.6 ((Gentoo)) > 110/tcp open pop3 Courier pop3d > 119/tcp open ssh OpenSSH 4.7 (protocol 2.0) > 209/tcp open tam? > 443/tcp open http Apache httpd 2.2.6 ((Gentoo)) > 628/tcp open tcpwrapped > 993/tcp open ssl/imap Courier Imapd (released 2005) > 995/tcp open ssl/pop3 Courier pop3d > > > -- > --- > > - Widyachacra Rajapaksha - > > * Lots of people make the mistake of thinking that Microsoft is a > software company. That's wrong. Microsoft is an abuse company that > uses software as a method of delivering abuse. > > * Never let a woman know that YOU are interested in her. > Love is a wish that hides in your heart, and nobody knows about it but > YOU > Reply With Quote -- gentoo-server@lists.gentoo.org mailing list