You are not logged in.
i just ran nmap to test my ports and I get this:
PORT STATE SERVICE VERSION
7634/tcp open hddtemp hddtemp hard drive info server
Is there a way to block this or do I need to worry about it?
Last edited by orphius1970 (2010-01-12 08:07:31)
AMD Phenomx3, 4gb ram, Nvidia Gforce 9400gt,
MSI K9N2 Diamond Motherboard, Arch x86_64
Offline
Hi rphius1970,
if hddtemp is only listening on localhost, than I would say there is nothing to worry about.
On my system:
# netstat -plnt | grep hddtemp
tcp 0 0 127.0.0.1:7634 0.0.0.0:* LISTEN 1923/hddtemp
Did you start nmap on the machine that is running hddtemp or did you scan for open ports from a different pc?
Offline
if hddtemp is only listening on localhost, than I would say there is nothing to worry about.
If "hddtemp" has root's privileges, then there is a risk of privilege escalation. Surely "hddtemp" does not require a password from incoming connections. A model of attack is as follows: a malicious process on a local machine connects to "hddtemp", using vulnerability in "hddtemp" it gets root's privileges.
Last edited by beroal (2010-01-11 19:12:45)
we are not condemned to write ugly code
Offline
i used nmap locally and i have hddtemp in my daemons
i also just did:
sudo netstat -plnt | grep hddtemp
tcp 0 0 127.0.0.1:7634 0.0.0.0:* LISTEN 9369/hddtemp
Last edited by orphius1970 (2010-01-11 20:38:30)
AMD Phenomx3, 4gb ram, Nvidia Gforce 9400gt,
MSI K9N2 Diamond Motherboard, Arch x86_64
Offline
set the PARAMS in /etc/conf.d/hddtemp so it only listen to localhost.
PARAMS="-q -l 127.0.0.1"
Website: andrwe.org
Repository: repo.andrwe.org/<archtiecture>
Offline
Andrwe,
I did exactly as you say. scan from my own puter shows the open port, but not from an external scan.
Thankyou!
AMD Phenomx3, 4gb ram, Nvidia Gforce 9400gt,
MSI K9N2 Diamond Motherboard, Arch x86_64
Offline
You're welcome.
Website: andrwe.org
Repository: repo.andrwe.org/<archtiecture>
Offline