Hi all,

First of all, I would like to thank you all (Randy, Brendan, Izaac, Ron,
Bruce and Bill) very much for your replies ; they've proven very helpful in
understanding how these things operate.
Appearently the portscan on unixcircle wasn't a portscan of my own server,
but of some computer on my ISP's network (no idea why that happened), and my
own box was locked down as it should -- as far as I can tell from reading
the documents and probing settings here and there.
The only oddities now are 'buffer overflow' errors which seem to not hamper
anything but sometimes show up on the screen, and a hard disk that sounds
like it is getting accessed even though the machine isn't doing anything (in
the sense that the other computers are off).
Probably nothing wrong there, so I won't tinker anything for now, heh :-)

Thanks again,

Jan Schenkel.

-----Original Message-----
From: port-mac68k-owner@netbsd.org
[mailto:port-mac68k-owner@netbsd.org]On Behalf Of Jan Schenkel
Sent: woensdag 6 november 2002 7:04
To: port-mac68k@netbsd.org
Subject: How to interpret the results of a portscan?


Hi all,

The old MacIIci is still happily chugging along. Just wanting to make sure
the firewall was as tight as it could be (inetd=NO ; then some ipfilter and
ipnat rules), I steered my browser towards unixcircle.com and did a portscan
on the netbsd box. Here's the result:

23/tcp filtered telnet
514/tcp open shell
8080/tcp filtered http-proxy
8081/tcp filtered blackice-icecap

Is there anything else I should do to improve security?

TIA

Jan Schenkel.

"As we grow older, we grow both wiser and more foolish at the same time."
(La Rochefoucauld)