Subject: Re: open ports.
To: None <netbsd-help@netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-help
Date: 09/14/1999 15:59:12
Reinoud.Koornstra@ibbnet.nl (Reinoud Koornstra) writes:
> I installed nmap with the pkgsrc and tried it on my own machine.
> With "nmap -F -O -sF" I saw that no ports were found open.
> With "nmap -F -O -sU" however I saw that port 514 syslog was open.
> How do I close that one?

man syslogd

     -s      Select ``secure'' mode, in which syslogd does not open a UDP
             socket but only communicates over a UNIX domain socket.  This is
             valuable when the machine on which syslogd runs is subject to at-
             tack over the network and it is desired that the machine be pro-
             tected from attempts to remotely fill logs and similar attacks.

On the other hand if you need to keep syslog open for some machines on
your net and not others you'll have to configure ip filters.  See man
ipf.

BTW. "nmap -sU" probably isn't telling you what you think it is
telling you.  It only tells you about ports that *didn't* reply to a
UDP probe.  This fact could be used by your ipf filters to pollute the
waters enough that nmap UDP scans of your machine are worthless.

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
DGPS signals via the Internet  http://www.wsrcc.com/wolfgang/gps/dgps-ip.html
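
Added example, not part of the original message: a Python sketch of the inference a UDP probe allows, run only against loopback sockets constructed for the demo, useful for checking your own host after switching to "syslogd -s". The names classify_udp_port and demo are hypothetical, and it assumes the kernel answers probes to unbound UDP ports with ICMP port unreachable.

```python
import socket


def classify_udp_port(host, port, timeout=1.0):
    """Send one UDP datagram and classify the port from what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # A connected UDP socket lets the kernel hand ICMP errors back to us.
        s.connect((host, port))
        try:
            s.send(b"\x00")
            s.recv(1024)
            return "open"            # an actual UDP reply arrived
        except ConnectionRefusedError:
            return "closed"          # ICMP port unreachable came back
        except socket.timeout:
            # Silence: a listener that never answers (syslogd) and a packet
            # filter that drops the probe look identical from here.
            return "open|filtered"


def demo():
    """Probe a silent listener and an unbound port on 127.0.0.1 (constructed)."""
    # Stand-in for syslogd on 514/udp: bound, receives, never replies.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))
    silent_port = silent.getsockname()[1]

    # Grab a free port number, then release it so nothing is bound there.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    unbound_port = tmp.getsockname()[1]
    tmp.close()

    try:
        return {
            "silent_listener": classify_udp_port("127.0.0.1", silent_port),
            "unbound_port": classify_udp_port("127.0.0.1", unbound_port),
        }
    finally:
        silent.close()


if __name__ == "__main__":
    for name, state in demo().items():
        print(f"{name}: {state}")
```

The silent listener is reported only because nothing came back, which is the same result a filter that drops the probe would produce.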