Re: X-Server and the default port 6000....
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: X-Server and the default port 6000....
- From: van Helsing <vh_(_at_)_helith_(_dot_)_net>
- Date: Tue, 9 Nov 2004 17:45:49 +0100
- Organization: Helith Network
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 09 Nov 2004 14:43:30 +0100
Phil Schulz <scph0020_(_at_)_fh-karlsruhe_(_dot_)_de> wrote:
> van Helsing wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Would you please disable the port per default in 3.7?
> >
> > Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-09
> > 03:17 CET
> > Interesting ports on localhost.helith.net (127.0.0.1):
> ^^^^^^^^^^
>
> WTF do you scan localhost for? Doesn't mean shit because processes
> that bind() (see bind(2)) to 127.0.0.1 do not even receive packets
> sent to other addresses on the same machine. In other words, the port
> is not necessarily remotely reachable. Use nmap from a remote (can be
> on local net) host if you want to know which port/services are
> available to the outside. Also make sure you use the right address!
>
> Regards,
>
> Phil.
You don't know the OS you're using....
Here's a scan from outside Phil....
- ------
$ ssh -2 helith.net
vh_(_at_)_helith_(_dot_)_net's password:
Last login: Tue Nov 9 13:43:53 2004 from brocken.rz.hu-berlin.de
OpenBSD 3.5-stable (GENERIC) #3: Tue Aug 31 07:21:50 CEST 2004
$ who
vh ttyp0 Nov 9 17:41 (pd9e82b48.dip.t-dialin.net)
$ nmap -sT -P0 -p6000 pd9e82b48.dip.t-dialin.net
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-09 17:42
CET
Interesting ports on pD9E82B48.dip.t-dialin.net (217.232.43.72):
PORT STATE SERVICE
6000/tcp open X11
Nmap run completed -- 1 IP address (1 host up) scanned in 0.271 seconds
$ uname -a
OpenBSD informant.helith.net 3.5 GENERIC#3 i386
$ hostname
informant.helith.net
$ Connection to helith.net closed.
$ uname -a
OpenBSD godfather.helith.net 3.6 GENERIC#0 amd64
$ hostname
godfather.helith.net
$
- ------
Enough proof that security sometimes means shit to the developers
of OpenBSD?
Somebody wrote that I shouldn't tell you how to do your job..
Well ok... but then do it and don't be as lazy as coders normally are.
You blame me for mailing "shit"?
I blame you for the things you do because you tell everybody OpenBSD is
more secure than other OSs.
Well that may be true in some ways but you fail strongly in some other
ways.
Ok let's NOT play with outdated and risky ports and/or software.
Who the hell needs a running inetd? A listening XServer?
Maybe the guys who call me a moron should go to a library to read a book
about "footprinting".
OpenBSD can improve the security and XServer is just 1 step....
And if I don't like a kind of person then it's Greg...
So please DON'T answer you fucking english-speaking moron... just WAKE
UP.. but I wrote you that already.
vh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)
iD8DBQFBkPQ9yx4ucshhM80RAp2aAKCmV2O9/S1DhaOo2PBNM19QpBPQlwCfSSqh
TbDmHLzh6+F0011zqv9WCG4=
=Owqz
-----END PGP SIGNATURE-----
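
Added example, not part of the original message or of OpenBSD's own tooling: the disagreement in this thread turns on whether a listener is bound to 127.0.0.1 only or to every address, which can be read locally from `netstat -an` instead of inferred from a scan. The netstat lines below are constructed sample input, and the function names and the 6000-6063 range (X11 displays 0-63) are assumptions of this example.

```sh
#!/bin/sh
# Classify TCP listeners in BSD-style `netstat -an` output: sockets bound to
# the wildcard address (reachable on every interface) versus loopback-only.

# Constructed sample in the column layout of `netstat -an -f inet` on a BSD
# system. Not captured from the hosts in the thread.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp        0      0  *.6000                 *.*                    LISTEN
tcp        0      0  127.0.0.1.587          *.*                    LISTEN
tcp        0      0  *.22                   *.*                    LISTEN
tcp        0      0  192.0.2.10.22          198.51.100.7.40112     ESTABLISHED
tcp        0      0  127.0.0.1.25           *.*                    LISTEN
EOF
}

# classify_listeners: read netstat output on stdin and print "<scope> <port>"
# for each listening TCP socket. The port is the last dot-separated field of
# the local address; everything before it is the bound host.
classify_listeners() {
    awk '
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        n = split($4, part, ".")
        port = part[n]
        host = substr($4, 1, length($4) - length(port) - 1)
        if (host == "*" || host == "0.0.0.0") scope = "all-interfaces"
        else if (host ~ /^127\./ || host == "::1") scope = "loopback-only"
        else scope = "single-address"
        print scope, port
    }'
}

# x11_exposed: exit 0 when an X11 display port (6000 + display number,
# displays 0-63 assumed) has a listener that is not loopback-only.
x11_exposed() {
    classify_listeners | awk '
        $1 != "loopback-only" && $2 >= 6000 && $2 <= 6063 { found = 1 }
        END { exit(found ? 0 : 1) }'
}

# On a live host: netstat -an -f inet | classify_listeners
sample_netstat | classify_listeners
```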