newbie question about nmapper
miah
jjohnson at sunrise-linux.com
Mon Sep 20 21:41:01 EDT 2004
On Mon, Sep 20, 2004 at 06:01:50PM -0400, Jerry Feldman wrote:
> On Mon, 20 Sep 2004 14:35:10 -0700 (PDT)
> kathleen lynch <lynchlinux at yahoo.com> wrote:
>
> > Hi,
> >
> > I have a new installation of domino on linux. The domino server is up
> > and running but is accessible only though http. The Notes clients
> > can't get through. I went to nmapper to do port scan --I have a
> > pretty good idea of what is blocked anyway but it seems like aneat
> > idea. However, there are a zillion. I am running redhat 7.3 what
> > rpm of portmapper would be good for me to use?
> Portmapper should be built into RH 7.3. I've never seen a network
> release of Linux without it. I think you have to figure out what port
> that the domino server listens to and make sure that the notes vclient
> knows about it. The standard lotus notes port is 1352 (both TCP and
> UDP).
>
> In essence, a server binds itself to a specific port, and listens for
> connections to that port.
> Also, make sure that the firewall in RH 7.3 is not blocking that port
> for internal clients. (For testing, just disable the firewall (iptables
> or ipchains).
>
You're thinking portmap, while they're talking about 'what ports are
open on my system'. Not the same thing at all. Portmap is only
really needed if you're dealing with rpc services, and nfs.
If you want to find out what ports are in use on your system, start
with netstat.
netstat -nap (easy to remember, you can do nap, or pan), will show you
all the ports that are in use (LISTEN for tcp, udp will just show up
and wont say LISTEN, which is annoying).
Another thing you can do is use lsof (which I don't think comes with
RH7.3), but can be downloaded easily, the distribution site is:
ftp://vic.cc.purdue.edu/pub/tools/unix/lsof/
That will help you determine which ports are open locally. If you
don't trust your local tools, nmap can help, but if you can't trust
your local tools, nmap could be just as wrong. Some system rootkits
will not reveal a open port unless a packet has a specific string, or
is from a specific host. Some rootkits are much more advanced than
that even.
Nmap is great for testing your firewall configuration, and I'd
definately use it for that if thats all your attempting to do.
The iptables manpage is pretty good, it explains everything. If its a
little too much, try the iptables howto, (google for 'iptables
howto').
Personally, I'd ditch Redhat 7.3, and go with Fedora Core 2, RH7.3 has
been 'End of Lifed' for a while now, no new updates will be released,
so you'll be vulnerable to all sorts of vulnerabilities unless you
manually patch everything, which can get crazy quickly.
-miah
More information about the Discuss
mailing list