May 20th, 2003, 01:15 AM
Hey all, i have just recently loaded redhat 8.0 on my box and just for fun i ran nmap on my box to see what was open. out of all the the ports that were open, and there were a few, i found port 22 sh open.
I was wondering if anyone new what this port or program was and if it is a threat. any information on this would be great thanks all.
May 20th, 2003, 01:20 AM
www.google.com should give you more than you need.
You might want to delete that other thread, because two are now on the front board.
May 20th, 2003, 02:16 AM
i have searched google and only find information about .sh programs. what is sh ? and why would it be running on my computer? (new to linux)
May 20th, 2003, 02:36 AM
I think you mean SSH, which is Secure Shell. Go Here to learn more on SSH.
Ssh (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over unsecure channels. It is intended as a replacement for rlogin, rsh, and rcp.
Damit, im sorry this is the true definition of sh from oreillynet.com :
sh [options] [file [arguments]]
The standard Unix shell, a command interpreter into which all other commands are entered. On Linux, this is just another name for the bash shell.
May 20th, 2003, 02:40 AM
Word of advice....you've posted the same thing twice. Open the thread with no replies, click edit and delete the post before the negs start piling on you.
It isn't paranoia when you KNOW they're out to get you...
May 20th, 2003, 02:43 AM
May 20th, 2003, 04:08 AM
May 20th, 2003, 10:17 AM
Port 22 is secure shell. It allows secure remote administration of *nix computers. It is extremely secure and replaces telnet and rlogin. I would not be worried having port 22 open. I have this port open on all of my computers.
Wine maketh merry: but money answereth all things.
May 20th, 2003, 10:36 AM
Well people have kindly pointed out that ssh is the secure shell intended for computer's to communicate through a network or the internet to filter it you will need to write iptables rules (or ipchains) but we will stick with iptables first thing to do is turn off ipchains from booting at start up to do this
/sbin/chkconfig --level 12345 ipchains off
then turn on iptables
/sbin/chkconfig --level 345 iptables on
now unload ipchains /etc/init.d/ipchains stop ; /sbin/modprobe -r ipchains
now start ip tables with /etc/init.d/iptables start
creat a small script called firewall or what ever you want to call it enter
./iptables -A INPUT -p tcp --dport 22 -j DROP
Apply rules that you see fit for what ports you want filtered
move the file to /sbin if iptables is not in your PATH or set your path to /sbin note you need to be root to run iptables
when you are done writing your rules run iptables -L to see how it was loaded in to the kernel and if all is happy
run iptables--save > /etc/sysconfig/iptables
hope this helps.
side note when you finish the script chmod 750 <what ever you call it> then run it with ./
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work