
[Sheflug] Any Explanations ?



Dear all

I was hoping that someone might be able to clear up my own confusion. 
 I've just run 'netstat -ln' on my workstation and this is part of 
what came up on the screen.....

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:515             0.0.0.0:*               LISTEN
tcp        0      0 172.16.113.1:139        0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:7869            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:7741            0.0.0.0:*               LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
udp        0      0 172.16.113.1:137        0.0.0.0:*
udp        0      0 0.0.0.0:137             0.0.0.0:*
udp        0      0 172.16.113.1:138        0.0.0.0:*
udp        0      0 0.0.0.0:138             0.0.0.0:*
udp        0      0 0.0.0.0:10000           0.0.0.0:*
udp        0      0 0.0.0.0:7741            0.0.0.0:*
raw        0      0 0.0.0.0:1               0.0.0.0:*               7

I notice that the netbios ports 137, 138 and 139 (yes I know one of 
them isn't)  have an address attached to them which is 172.16.113.1.  
Anyone who knows the net will be able to do dig -x for that address 
and this is what I get for dig -x ....

; <<>> DiG 8.3 <<>> -x 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;	1.113.16.172.in-addr.arpa, type = ANY, class = IN

;; AUTHORITY SECTION:
16.172.in-addr.arpa.	2h59m52s IN SOA  blackhole.iana.org. crain.icann.org. (
					19971502	; serial
					3H		; refresh
					15M		; retry
					1W		; expiry
					1D )		; minimum




Would anyone like to comment on this ?  I'm trying to understand 
whether this is a surveillance effort or if it's just the normal way 
of the world with my desktop machine.

Thanks



-- 
Richard
___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 

  GNU the choice of a complete generation.
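
Added example, not part of the original post: in netstat output the Local Address column is the address a listening socket on this machine is bound to, and 172.16.0.0/12 is RFC 1918 private space, which is why the reverse lookup ends at the IANA blackhole servers. The Python below (helper names are hypothetical, the sample rows are constructed in the same layout) classifies each listener by bind scope and derives the PTR name that dig -x queries.

```python
import ipaddress

# Constructed sample rows in the same layout as the netstat -ln output above.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:515             0.0.0.0:*               LISTEN
tcp        0      0 172.16.113.1:139        0.0.0.0:*               LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
udp        0      0 172.16.113.1:137        0.0.0.0:*
udp        0      0 0.0.0.0:137             0.0.0.0:*
raw        0      0 0.0.0.0:1               0.0.0.0:*               7
"""

def classify_bind(local):
    """Return (scope, host, port) for one Local Address field."""
    host, _, port = local.rpartition(":")  # rpartition keeps IPv6 "::" intact
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:        # 0.0.0.0 or :: means every local interface
        scope = "all-interfaces"
    elif addr.is_loopback:
        scope = "loopback-only"
    elif addr.is_private:          # RFC 1918 and similar non-routable ranges
        scope = "one-interface-private"
    else:
        scope = "one-interface-public"
    return scope, str(addr), int(port)

def listeners(netstat_text):
    """Parse tcp/udp rows into (proto, port, scope, bound_address) tuples."""
    rows = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue  # header line, raw sockets, wrapped fragments
        scope, host, port = classify_bind(fields[3])
        rows.append((fields[0], port, scope, host))
    return rows

def ptr_name(host):
    """Name that a reverse lookup (dig -x) asks for, e.g. 1.113.16.172.in-addr.arpa."""
    return ipaddress.ip_address(host).reverse_pointer

if __name__ == "__main__":
    for proto, port, scope, host in listeners(SAMPLE):
        note = ptr_name(host) if scope.startswith("one-interface") else ""
        print(f"{proto:4} {port:<6} {scope:22} {host:14} {note}")
```

A listener bound to one private address is reachable only through the interface that holds that address, while the all-interfaces rows are the ones to compare against firewall rules.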