![]() |
2009-09-08
, 13:43
|
Posts: 20 |
Thanked: 1 time |
Joined on Jan 2008
@ Toronto, Ontario
|
#22
|
Why on earth would an internet tablet (or a pure desktop machine for that matter) have any open ports or any services listening on such ports?!?!
![]() |
2009-09-08
, 14:00
|
|
Posts: 415 |
Thanked: 182 times |
Joined on Nov 2007
@ Leeds UK
|
#23
|
the product is called an 'internet tablet'. so by that name, one assumes one will use this device to connect to other devices and browse the 'internet'. if you are using ssh, nfs, cifs, samba, bluetooth, e.t..c -- you will have ports open. if you don't use them -- turn them off. (check the linux, ubuntu, debian, and other UNIX sites of how you disable services and tweak inetd -- it's pretty straight forward)
if you start disabling services, installing firewall s/f and hardening -- you have to configure them properly (they have no intelligence of their own and they are usually completely unaware of changes done to the network after they are configured - so you have to remember to maintain them) and you should not expect that you device will work flawlessly 100% of the time. you will probably run into connectivity issues and will have to micro-manage it a bit.
but once again, ask yourself, what is your goal? to make sure you don't show up on scans or to have a device that does what you expect it to.
in a previous life, i used to be a network IT guy. the general rule of thumb is -- if you start to lie to the network (proxy, NAT, port blocking, filtering, e.t.c.) the network will start to kick you in the ***.
regarding security on an internet tablet. common sense dictates that you probably dont want to do your online baking and leave important information such as banking, credit card, mortgate on it. it's small and easily stealable. it usues wifi which is easily snoopable and easily trickable.
The Following User Says Thank You to deadmalc For This Useful Post: | ||
![]() |
2010-02-05
, 03:08
|
Posts: 99 |
Thanked: 24 times |
Joined on Feb 2010
|
#25
|
![]() |
2010-02-05
, 16:20
|
Posts: 287 |
Thanked: 127 times |
Joined on Oct 2009
@ Sweden
|
#26
|
![]() |
2010-02-22
, 14:06
|
Posts: 66 |
Thanked: 30 times |
Joined on Feb 2010
|
#27
|
Alternatively you can use netstat on the device, if you trust that it hasn't already been compromised and a rootkit installed ;-)
On mine it currently says:
...
From the above list, the scariest one is 7275, since supllistenerd runs as root and it's a closed source component so can't be audited independently. Note that it's not in the default Diablo installation either though (comes from agps-ui).
![]() |
2010-02-22
, 20:58
|
Posts: 2,802 |
Thanked: 4,491 times |
Joined on Nov 2007
|
#28
|
![]() |
2010-02-23
, 10:03
|
Posts: 66 |
Thanked: 30 times |
Joined on Feb 2010
|
#29
|
~/MyDocs/Scripts $ lsof -i COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME browser 1405 user 14u IPv4 7251 UDP *:60211 ~/MyDocs/Scripts $ netstat -tulne Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:28782 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN netstat: no kernel support for AF INET6 (tcp) udp 0 0 0.0.0.0:2948 0.0.0.0:* udp 0 0 0.0.0.0:60211 0.0.0.0:* udp 0 0 127.0.0.1:53 0.0.0.0:* udp 0 0 127.0.0.1:3001 0.0.0.0:* udp 0 0 127.0.0.1:3002 0.0.0.0:* netstat: no kernel support for AF INET6 (udp)
![]() |
2011-09-05
, 23:13
|
Posts: 21 |
Thanked: 32 times |
Joined on Mar 2010
@ Ridgecrest, California, USA
|
#30
|
thanks for the hint. but I am not sure if the output of lsof -i is complete. this is what I get:
what about the udp port 2948?Code:~/MyDocs/Scripts $ lsof -i COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME browser 1405 user 14u IPv4 7251 UDP *:60211 ~/MyDocs/Scripts $ netstat -tulne Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:28782 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN netstat: no kernel support for AF INET6 (tcp) udp 0 0 0.0.0.0:2948 0.0.0.0:* udp 0 0 0.0.0.0:60211 0.0.0.0:* udp 0 0 127.0.0.1:53 0.0.0.0:* udp 0 0 127.0.0.1:3001 0.0.0.0:* udp 0 0 127.0.0.1:3002 0.0.0.0:* netstat: no kernel support for AF INET6 (udp)
now run (as root)
Nokia n800
OS 2008
Pharos iGPS 360-BT
ElmScan 5 BlueTooth
BlackBerry Bold (9000)
AT&T Wireless