Timeline for How to scan my computer's UDP ports
Current License: CC BY-SA 4.0
14 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 17, 2019 at 10:11 | history | edited | sourcejedi | CC BY-SA 4.0 | added 5 characters in body |
| Mar 24, 2019 at 22:03 | history | edited | sourcejedi | CC BY-SA 4.0 | added 96 characters in body |
| Mar 24, 2019 at 21:58 | history | edited | sourcejedi | CC BY-SA 4.0 | added 96 characters in body |
| Mar 23, 2019 at 0:17 | comment | added | sourcejedi | @Tim (1) well, it's all a mess. Look at each listening port. Decide whether it is listening to localhost or not. There may be two different localhost addresses used depending on the service - the IPv6 one and the (common) IPv4 one. It could also vary based on if you passed -n to netstat - then it would show localhost instead of 127.0.0.1 for example. | |
| Mar 23, 2019 at 0:10 | comment | added | sourcejedi | @Tim " Access to private and control mode queries can be restricted in ntp.conf based on the source IP. Default installations usually prohibit these queries for every source IP except for 127.0.0.1 and ::1. This is what e.g. Ubuntu, Debian and OS X do [did?]." - this is ntpd checking the source address of each connection itself. It was not being bound to localhost. | |
| Mar 23, 2019 at 0:07 | comment | added | sourcejedi | @Tim memory says that ntpd did not let you actually configure it to listen on localhost. Instead you could only configure ntpd to discard packets which did not come from localhost. My memory might be wrong, but at least that was a common default configuration. googleprojectzero.blogspot.com/2015/01/… | |
| Mar 22, 2019 at 23:49 | comment | added | Tim | Thanks. (1) I am not sure what rules in the "Omitting localhost" section in unix.stackexchange.com/questions/309083/…, probably because I don't quite follow the post and your reply there. (2) " If possible, I would tend to configure services to listen on localhost". When is it not possible? | |
| Mar 22, 2019 at 23:28 | history | edited | sourcejedi | CC BY-SA 4.0 | added 1 character in body |
| Mar 22, 2019 at 23:24 | comment | added | sourcejedi | @Tim I added a sentence saying that I would not need to. I would follow rules similar to those in the "Omitting localhost" section, then I have only a few services that would show up, so I can type them in manually. If possible, I would tend to configure services to listen on localhost, then I don't have to worry about the firewall for that service. Do you have many services which are not listening on localhost, for some reason? | |
| Mar 22, 2019 at 23:21 | history | edited | sourcejedi | CC BY-SA 4.0 | added 163 characters in body |
| Mar 22, 2019 at 23:21 | comment | added | Tim | Thanks. How would you extract tcp and udp ports from ss or netstat, and pass them to nmap for tcp and udp scan? It is not easy to write such a shell script. | |
| Mar 22, 2019 at 23:20 | history | edited | sourcejedi | CC BY-SA 4.0 | added 163 characters in body |
| Mar 22, 2019 at 23:14 | history | edited | sourcejedi | CC BY-SA 4.0 | added 163 characters in body |
| Mar 22, 2019 at 23:09 | history | answered | sourcejedi | CC BY-SA 4.0 |