Please List Your Open Ports
Physfitfreak
2025-03-16 18:50:15 UTC
I am curious about how many open ports the average distro exposes.
netstat -lnptu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 215/pdnsd
udp 0 0 127.0.0.1:53 0.0.0.0:* 215/pdnsd
That's all I need for my workstation.
Note that "netstat" may not be available with that putrid abomination
known as systemd.
Use whatever equivalent.
I get 12 open ports. 6 of them have status of LISTEN.

For example, one of the ones whose status isn't mentioned is this:

udp6 0 0 :::34964 :::*

Have no idea what these all mean.
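
Added example (not part of any post in this thread): a shell function that reads `netstat -lnptu` output and separates sockets bound to loopback from sockets bound to every interface, which is the difference between the `127.0.0.1:53` and `:::34964` lines quoted above. The function names are assumptions, and the sample input is constructed from those quoted lines plus two hypothetical services (sshd, cupsd).

```shell
#!/bin/sh
# Classify listening sockets from `netstat -lnptu` output read on stdin.
# Output, one line per socket: <scope> <proto> <port> <program>
#   loopback - reachable only from this machine (127.0.0.0/8, ::1)
#   wildcard - bound to every interface (0.0.0.0, ::); reachable from the
#              network unless a firewall blocks it
#   address  - bound to one specific non-loopback address
classify_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        addr = $4
        port = addr
        sub(/.*:/, "", port)            # text after the last colon
        host = substr(addr, 1, length(addr) - length(port) - 1)
        if (host ~ /^127\./ || host == "::1")
            scope = "loopback"
        else if (host == "0.0.0.0" || host == "::")
            scope = "wildcard"
        else
            scope = "address"
        # PID/Program is the last column; it is "-" or absent without root.
        prog = ($NF ~ /\//) ? $NF : "-"
        print scope, $1, port, prog
    }'
}

# Sockets that deserve a closer look: anything not confined to loopback.
exposed_listeners() {
    classify_listeners | awk '$1 != "loopback"'
}

# Constructed sample: the lines quoted in the thread plus two hypothetical
# services (sshd on all interfaces, cupsd on IPv6 loopback).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 215/pdnsd
udp 0 0 127.0.0.1:53 0.0.0.0:* 215/pdnsd
udp6 0 0 :::34964 :::*
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 801/sshd
tcp6 0 0 ::1:631 :::* LISTEN 640/cupsd
EOF
}

sample_netstat | classify_listeners
# On a live system: sudo netstat -lnptu | exposed_listeners
```

UDP sockets have no LISTEN state, which is why the State column is empty for them; without root the PID/Program column is blank, so the owning process shows as `-`.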
Farley Flud
2025-03-16 19:52:21 UTC
Post by Physfitfreak
I get 12 open ports. 6 of them have status of LISTEN.
Have no idea what these all mean.
It means that the average distro is exposing itself to potential
security threats.

For a standalone workstation there should be no open ports.
--
Systemd: solving all the problems that you never knew you had.
Physfitfreak
2025-03-16 22:58:16 UTC
Post by Farley Flud
Post by Physfitfreak
I get 12 open ports. 6 of them have status of LISTEN.
Have no idea what these all mean.
It means that the average distro is exposing itself to potential
security threats.
For a standalone workstation there should be no open ports.
I vaguely remember asking this question before. What do you mean by a
"standalone" computer?

I have 24x7 access to the internet of course. Would that mean I'm not using
a standalone computer?

And since you posted this thread, I looked into closing the unneeded
ports, and was not successful because the command involved would
not recognize the information about the port that I was giving it.

Then I looked at whether I could find out if repeated attempts have been made
to log into my computer, and was somehow led to installing fail2ban.
But I don't understand well enough what it exactly does and how I'm
supposed to use it. Yet.
Physfitfreak
2025-03-17 18:28:02 UTC
You should check out tcpdump to examine what kind of traffic you
are experiencing.
I will.

Note that nsa, cia, and fbi are constantly part of this computer's
"network". And I don't mind that, of course.

In fact I prefer it that way. They're on my side.

But I do _not_ wish psychos like "DFS" and now deceased "Relf" and "Jim
Pennino" types of petty criminal "engineers" access my computer. This is
my concern, this type of threats. Because they'd only mean harm.
Physfitfreak
2025-03-17 18:34:27 UTC
Post by Physfitfreak
You should check out tcpdump to examine what kind of traffic you
are experiencing.
I will.
Note that nsa, cia, and fbi are constantly part of this computer's
"network". And I don't mind that, of course.
In fact I prefer it that way. They're on my side.
But I do _not_ wish psychos like "DFS" and now deceased "Relf" and "Jim
Pennino" types of petty criminal "engineers" access my computer. This is
my concern, this type of threats. Because they'd only mean harm.
Running tcpdump gives me this error:

tcpdump: eno1: You don't have permission to capture on that device
Farley Flud
2025-03-17 19:09:02 UTC
Post by Physfitfreak
tcpdump: eno1: You don't have permission to capture on that device
You must execute tcpdump as the root user.

On my machine I am always the root user, but the stupid distros have their
own ridiculous security philosophy. I believe that their asinine command
workaround is this:

sudo tcpdump

Also, read the tcpdump man page or search for tcpdump web pages.
There is a LOT that the command can do.
--
Systemd: solving all the problems that you never knew you had.
Physfitfreak
2025-03-17 21:06:33 UTC
Post by Farley Flud
Post by Physfitfreak
tcpdump: eno1: You don't have permission to capture on that device
You must execute tcpdump as the root user.
On my machine I am always the root user, but the stupid distros have their
own ridiculous security philosophy. I believe that their asinine command
sudo tcpdump
Also, read the tcpdump man page or search for tcpdump web pages.
There is a LOT that the command can do.
Ok, I ran it and had it write the result (a large file) to a file.
Checking the file, I could not understand any of the output, which was
in chronological order. I spotted a few "Amazon" words, so I thought
perhaps most of the file is about cookies activities, etc. So I ran the
bleachbit to clear cookies up.

Then I ran tcpdump again and wrote output in a file. The file looks the
same having stuff like: (part of the entry for second 20 of 3:51 pm today)

15:51:20.751730 IP6 _gateway > hydrogen-OptiPlex-7050: ICMP6, neighbor solicitation, who has hydrogen-OptiPlex-7050, length 32
15:51:20.751816 IP6 hydrogen-OptiPlex-7050 > _gateway: ICMP6, neighbor advertisement, tgt is hydrogen-OptiPlex-7050, length 24
15:51:20.767810 IP6 _gateway > hydrogen-OptiPlex-7050: ICMP6, neighbor solicitation, who has hydrogen-OptiPlex-7050, length 32
15:51:20.767897 IP6 hydrogen-OptiPlex-7050 > _gateway: ICMP6, neighbor advertisement, tgt is hydrogen-OptiPlex-7050, length 24
15:51:20.799787 IP6 _gateway > hydrogen-OptiPlex-7050: ICMP6, neighbor solicitation, who has hydrogen-OptiPlex-7050, length 32
15:51:20.799872 IP6 hydrogen-OptiPlex-7050 > _gateway: ICMP6, neighbor advertisement, tgt is hydrogen-OptiPlex-7050, length 24
15:51:20.806917 IP6 hydrogen-OptiPlex-7050 > homeportal: ICMP6, neighbor solicitation, who has homeportal, length 32
15:51:20.806977 IP6 hydrogen-OptiPlex-7050 > _gateway: ICMP6, neighbor solicitation, who has _gateway, length 32
15:51:20.807765 IP6 homeportal > hydrogen-OptiPlex-7050: ICMP6, neighbor advertisement, tgt is homeportal, length 24
15:51:20.808234 IP6 _gateway > hydrogen-OptiPlex-7050: ICMP6, neighbor advertisement, tgt is _gateway, length 24
15:51:20.854022 e0:22:04:56:89:3b (oui Unknown) > Broadcast, ethertype Unknown (0x7373), length 121:
        0x0000:  1211 0000 0043 1fb2 05dd f137 e122 3905  .....C.....7."9.
        0x0010:  ef58 d67c 1e40 a4ae bb60 6ad8 2f7d eecd  .X.|.@...`j./}..
        0x0020:  43c3 ac98 e8a4 0000 0201 8003 06e0 2204  C.............".
        0x0030:  5689 3b04 0104 0701 011b 0100 0806 e022  V.;............"
        0x0040:  0456 893b 0901 020e 1800 0000 0000 0000  .V.;............
        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0060:  0019 0889 caa5 4969 ebf2 04              ......Ii...

If you can make sense of it you're welcome to comment :)
Farley Flud
2025-03-17 21:38:53 UTC
Post by Physfitfreak
If you can make sense of it you're welcome to comment :)
I'm very sorry, but any comments are not possible unless one
understands basic IP/TCP concepts.

You undeniably have the intelligence to grasp these concepts
but I cannot provide any quick and easy insight.

The only recourse is to study basic networking concepts via
the many, many web sites that are devoted to this topic, or
perhaps via a few books on same.
--
Systemd: solving all the problems that you never knew you had.
Physfitfreak
2025-03-17 21:55:54 UTC
Post by Farley Flud
Post by Physfitfreak
If you can make sense of it you're welcome to comment :)
I'm very sorry, but any comments are not possible unless one
understands basic IP/TCP concepts.
You undeniably have the intelligence to grasp these concepts
but I cannot provide any quick and easy insight.
The only recourse is to study basic networking concepts via
the many, many web sites that are devoted to this topic, or
perhaps via a few books on same.
Or using AI :)

AI says this is normal activity. That's all I care about it.
Physfitfreak
2025-03-22 17:02:19 UTC
+1
The "Moldy Bologna" is showing off his mathematical skills.
His profound statement represents the pinnacle thereof.
In a few years (decades?) he will be able to complete
1 + 1 = 2.
Let's send him off to the "International Mathematical Olympiad:"
https://en.wikipedia.org/wiki/International_Mathematical_Olympiad
Ha, ha, ha, ha, ha, ha, ha, ha, ha, ha, ha, ha!
No, that moron learned to write "+1" by watching American Wrestling games.