What could be on udp:48152

• Previous message: Stijn Hoop: "Re: Apache leaks sensitive info in PHP phpinfo() calls"
• Next in thread: James Raftery: "Re: What could be on udp:48152"
• Reply: James Raftery: "Re: What could be on udp:48152"
• Reply: Mike Silbersack: "Re: What could be on udp:48152"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 13 Nov 2003 11:12:10 -0700
To: freebsd-security@freebsd.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, I'm running stock FreeBSD with services running: samba (connections
allowed only from local network), lpd (same), bind (all interfaces), apache
(all), zope (local)
This machine is home gateway/http/printserver.
Recently some strange things happened as my printer all of sudden started to
print stuff when nobody prints... luckily (or unluckily) it ran out of ink so
I can't tell what's printed. Checked programs running, ports opened and found
one unidentified:

udp4 0 0 *.49152 *.*

dimon@gateway ~ > sockstat | grep 49152
bind named 270 4 udp4 *:49152 *:*

Now', is there any reason for bind to use this port?
Googling for that subject didn't bring any results other than usualy this port
is first available for dynamic ports. Which doesn't make sence to me.

System:
FreeBSD 5.1

- --
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/s8mAyDrVuGfS98QRAlo6AJ9Miz8bbYjkldiTvSGOd+LfwY/3CACcCQAj
eNMb97scSLfQDvoHE6nx+L8=
=p4RL
-----END PGP SIGNATURE-----

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Stijn Hoop: "Re: Apache leaks sensitive info in PHP phpinfo() calls"
• Next in thread: James Raftery: "Re: What could be on udp:48152"
• Reply: James Raftery: "Re: What could be on udp:48152"
• Reply: Mike Silbersack: "Re: What could be on udp:48152"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Local DNS Caching not caching on external interface ... I am very new to Bind and FreeBSD. ... I have just configured a Local DNS server using the built-in Bind 9.3.1 ... the caching name server from my local network. ... (freebsd-questions) Re: FreeBSD Security Advisory: FreeBSD-SA-01:10.bind [REVISED] ... I already made this comment when the earlier advisory ... earlier, vulnerable version of bind. ... > All versions of FreeBSD 3.x prior to the correction date including ... > port in the ports collection is also vulnerable. ... (FreeBSD-Security) Re: FreeBSD 7.1 and BIND exploit ... Brett Glass wrote: ... | Will FreeBSD 7.1 be released in time to use it as an upgrade to ... BIND, update BIND now. ... If you need to use the ports, that's fine, just ... (freebsd-stable) Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind ... using both the BIND and OPENSSL ports with the REPLACE_BASE directive, ... I don't know enough of what the ports do to be certain about the answer ... on FreeBSD 6.x -- I can give you a list of files modified on FreeBSD ... (FreeBSD-Security) FreeBSD Status Report Second Quarter 2006 ... April-June 2006 Status Report ... With the release of FreeBSD 5.5 and FreeBSD 6.1, ... consider the "Open Tasks lists" provided with some reports. ... Improving Ports Collection ... (freebsd-current)