[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: X-Server and the default port 6000....
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: X-Server and the default port 6000....
- From: van Helsing <vh_(_at_)_helith_(_dot_)_net>
- Date: Tue, 9 Nov 2004 17:45:49 +0100
- Organization: Helith Network
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 09 Nov 2004 14:43:30 +0100
Phil Schulz <scph0020_(_at_)_fh-karlsruhe_(_dot_)_de> wrote:
> van Helsing schrieb:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > Would you please disable the port per default in 3.7?
> > Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-09
> > 03:17 CET
> > Interesting ports on localhost.helith.net (127.0.0.1):
> WTF do you scan localhost for? Doesn't mean shit because processes
> that bind() (see bind(2)) to 127.0.0.1 do not even receive packets
> sent to other addresses on the same machine. In other words, the port
> is not necessarily remotly reacheable. Use nmap from a remote (can be
> on local net) host if you want to know which port/services are
> availeable to the outside. Also make sure you use the right address!
You don't know the OS you're using....
Here's a scan from outside Phil....
$ ssh -2 helith.net
Last login: Tue Nov 9 13:43:53 2004 from brocken.rz.hu-berlin.de
OpenBSD 3.5-stable (GENERIC) #3: Tue Aug 31 07:21:50 CEST 2004
vh ttyp0 Nov 9 17:41 (pd9e82b48.dip.t-dialin.net)
$ nmap -sT -P0 -p6000 pd9e82b48.dip.t-dialin.net
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-09 17:42
Interesting ports on pD9E82B48.dip.t-dialin.net (220.127.116.11):
PORT STATE SERVICE
6000/tcp open X11
Nmap run completed -- 1 IP address (1 host up) scanned in 0.271 seconds
$ uname -a
OpenBSD informant.helith.net 3.5 GENERIC#3 i386
$ Connection to helith.net closed.
$ uname -a
OpenBSD godfather.helith.net 3.6 GENERIC#0 amd64
Enouth proofs that securityx means sometimes a shit for the developers
Somebody wrote that I shouldn't tell you how to do your job..
Well ok... but then do it and don't be as lazy as coders normaly are.
You blame me for mailing "shit"?
I blame you for the things you do because you tell everybody OpenBSD is
more secure as other OSs.
Well that maybe true in some ways but you fail strongly in some other
Ok let's NOT play with outdated and risky ports and/or software.
Who the hell needs a running inetd? A listening XServer?
Maybe the guys who call me a moron should go to a libary to read a book
OpenBSD can improve the security and XServer ist just 1 step....
And if I don't like a kind of person then it's Greg...
So please DON'T Answer you fucking english-speaking moron... just WAKE
UP.. but I wrote you that already.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)
-----END PGP SIGNATURE-----
Visit your host, monkey.org