Debian-Image: by default port 6000 open
Rorschach
r0rschach at lavabit.com
Mon Aug 18 13:39:23 CEST 2008
Hi,
I checked my debian-installation today:
$ sudo nmap -sS -A 192.168.0.202
Starting Nmap 4.53 ( http://insecure.org ) at 2008-08-18 13:26 CEST
SCRIPT ENGINE: rpcinfo.nse is not a file.
SCRIPT ENGINE: Aborting script scan.
Interesting ports on 192.168.0.202:
Not shown: 1712 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 0.51 (protocol 2.0)
6000/tcp open X11 (access denied)
MAC Address: B6:EA:FE:36:73:B3 (Unknown)
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.13 - 2.6.20
Uptime: 248.551 days (since Thu Dec 13 23:13:47 2007)
Network Distance: 1 hop
Service Info: OS: Unix
OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 23.939 seconds
Alsa a netstat -tulpen done on the device direclty:
# netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 0 1822 1127/X
tcp6 0 0 :::6000 :::* LISTEN 0 1821 1127/X
tcp6 0 0 :::22 :::*
LISTEN 0 1771 1102/dropbear
So the Xserver is listening to tcp-connections by default. Is this necessary? I tried to deactivated but found:
debian-gta02:/etc/X11# cat xinit/xserverrc
#!/bin/sh
# $Id: xserverrc 189 2005-06-11 00:04:27Z branden $
exec /usr/bin/X11/X -nolisten tcp
#!/bin/sh
# $Id: xserverrc 189 2005-06-11 00:04:27Z branden $
exec /usr/bin/X11/X -nolisten tcp
So it seems to be already deactivated and should run __without__ an open port because of -nolisten tcp. But why is the port open nevertheless? Any idea how to deactivate it?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openmoko.org/pipermail/support/attachments/20080818/0d9059a0/attachment.pgp
More information about the support
mailing list