On Fri, Sep 21, 2018 at 01:52:00PM -0400, rhkramer@xxxxxxxxx wrote:
> On Friday, September 21, 2018 08:55:21 AM Henning Follmann wrote:
> > Run a netstat -t -l and you will see there is nothing listening. So what is
> > the point of running a firewall?
> I'm not the OP, but I decided to play along and run:
> root@s19:~# netstat -t -l
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> tcp 0 0 localhost:smtp *:* LISTEN
> tcp 0 0 *:microsoft-ds *:* LISTEN
> tcp 0 0 *:netbios-ssn *:* LISTEN
> tcp 0 0 *:53647 *:* LISTEN
> tcp 0 0 *:sunrpc *:* LISTEN
> tcp 0 0 localhost:ipp *:* LISTEN
> (This on my wheezy system.)
> What is that telling me
You have exim (most probably), samba, nfs portmapper and CUPS running.
And that thing (whatever it is) which is listening tcp:53647.
samba, portmapper and that 53647 thing are listening on all interfaces,
i.e. are reachable from outside of your host. Unless a packet filter
intervenes, that is.
And, of course, that is TCP only, there can be processes listening UDP
Btw consider using 'ss -nptl' or 'netstat -nptl' for a more meaningful
> and should I be worried.
No, assuming that you're:
1) Using only Debian-provided software.
2) Installed and started Samba intentionally.
3) Do not intend to provide SMB to all the Internet.