[nylug-talk] chrootkit and nmap
Steven Lembark
lembark at wrkhors.com
Wed Jul 4 18:05:31 EDT 2007
> Hi, I am reading a Ubuntu book says that chrootkit
> and nmap tools can be used to test and probe one's
> own system. Anyone know more about how to use these
> tools to self-test the system?
nmap can be used to scan for open ports and is a big
help in checking for holes.
Assuming you have some sort of port-forwarding router,
the trick is to find an external machine that you can
use to probe looking into the router from outside: this
is the collection of ports that are vulnerable from the
outside. Probing the interior machines only tells you
how vulnerable they are to each other, not the cloud.
For example, if your gateway router is configured to
drop all packets without an 'ack' bit set then there
isn't much anyone can do to initite a connection. This
may be a reasonable setting if you don't provide any
services from your machine to the outside. In that
case nmap from outside will show nothing open at all
even if you have all sorts of things available inside.
--
Steven Lembark 85-09 90th St
Workhorse Computing Woodhaven, NY 11421
lembark at wrkhors.com +1 888 359 3508
More information about the nylug-talk
mailing list