[Discuss] Trying to connect to internet in Debian

[kentborg at borg.org (Kent Borg)]

On 1/16/26 5:01 PM, Randall Rose wrote:
> Of course, if you can recommend a way of finding out which of the thousands 
> of packages that currently are or might later be on my machine could be 
> listening to the network, I would appreciate hearing.  That would be useful 
> information.  I just don't know it.

My approach is to do a port scan of myself, to check what network ports 
are open and listening for incoming connections using "nmap", pretty 
standard program.

First, find out what your network address, say it is 10.1.2.3, then run 
something like:

 ? nmap -A -T3 10.1.2.3

When I run it against my laptop I get:

> root at theseion:/home/kentborg# nmap -A -T3 10.0.0.184
> Starting Nmap 7.95 ( https://nmap.org ) at 2026-01-16 19:06 PST
> Nmap scan report for theseion.lan (10.0.0.184)
> Host is up (0.000058s latency).
> All 1000 scanned ports on theseion.lan (10.0.0.184) are in ignored states.
> Not shown: 1000 closed tcp ports (reset)
> Too many fingerprints match this host to give specific OS details
> Network Distance: 0 hops
>
> OS and Service detection performed. Please report any incorrect 
> results at https://nmap.org/submit/ .
> Nmap done: 1 IP address (1 host up) scanned in 1.72 seconds
> root at theseion:/home/kentborg#

Nothing listening, very boring.

Note that if you do an nmap of "localhost" you will see what is visible 
from within the machine looking at itself, and can get different 
answers, you need to specify your IP address to get what others see. 
Even then it is probably cleaner to do the nmap from a different machine 
to really get the outside world's perspective.


When I run at against one of my e-mail servers, much more interesting.

I won't paste in the whole output, but I see something is listening on:

- port 22? sshd, good, I use that everyday
- port 25? smtpd, good, needed for incoming e-mail
- port 145? imapd, good, for users to read e-mail
- port 465? ssl/smtp, good, also for users to send e-mail
- port 993? imapd, good, for users to read e-mail, maybe I don't need both.

That's it.


When I do a scan of my web server I see:

- port 22? sshd again
- port 25? smtpd again, though it accepts mail for almost nothing
- port 80? web
- port 443? encrypted web

Again, just what I expect.


If I were to put on a firewall I would have to let those through, and I 
would block attempts to talk to?all the other possible ports, that 
nothing is listening to anyway.

-kb