Firewall Debian : http://www.cyberdogtech.com/firewalls/
sudo apt-get install fwbuilder fwbuilder-linux
firewall rules
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 8000 -j DNAT --to-destination 192.168.0.1:80
nmaproot@ttyp0[[nrv]]# nmap localhost Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-02-27 09:14 CET Interesting ports on localhost (127.0.0.1): (The 1639 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 53/tcp open domain 79/tcp open finger 80/tcp open http 98/tcp open linuxconf 110/tcp open pop3 111/tcp open rpcbind 113/tcp open auth 139/tcp open netbios-ssn 445/tcp open microsoft-ds 515/tcp open printer 631/tcp open ipp 953/tcp open rndc 993/tcp open imaps 995/tcp open pop3s 4000/tcp open remoteanything 8007/tcp open ajp12 10000/tcp open snet-sensor-mgmt Nmap run completed -- 1 IP address (1 host up) scanned in 4.953 seconds
check for unknown services :
nmap -sS -O -sV -vvv localhost
8007/tcp open ajp12?
lsof -i @localhost:8007 | 1322 www-data 5u IPv4 4138 TCP localhost:8007 (LISTEN)
http://www.insecure.org/cgi-bin/servicefp-submit.cgi
netstat -tap | grep LISTEN # see [[IMAP]]
1029/tcp open mstask Microsoft mstask (task server - c:\winnt\system32\Mstask.exe) # http://grc.com/port_1029.htm 1110/tcp open nfsd-status?
ed2k://|file|rkhunter-1.2.3.tar.gz|169545|8f6c1d93e0f560f1891817904f1f494a|
I'am providing a Debian package
ed2k://|file|Thomas_Xavier_Martin-Insecurite_info-UTLS.ogg|24076886|21cba343a8db4ea02a08366380d8d581|