[besson3c]

$ netstat -a | grep -i "listen"
tcp4 0 0 *.smtp *.* LISTEN
tcp4 0 0 *.kerberos *.* LISTEN
tcp6 0 0 *.kerberos *.* LISTEN
tcp4 0 0 *.50800 *.* LISTEN
tcp4 0 0 localhost.50701 *.* LISTEN
tcp4 0 0 *.ssh *.* LISTEN
tcp6 0 0 *.ssh *.* LISTEN
tcp4 0 0 localhost.ipp *.* LISTEN
tcp6 0 0 localhost.ipp *.* LISTEN

Why is Kerberos open, and what runs on ports 50800 and 50701? I know I could trace this via a tcpdump, but I'm also wondering if anybody knows why ports 50800 and kerberos (88) aren't bound to lo0?

[ghporter]

I think that ports 50701 and 50800 are commonly used by games and P2P apps-got any of those running? Why they're not bound to lo0? Good question...

[analogika]

I remember the last time *I* was bound to the loO - nasty experience.

I hate diarrhea.

[besson3c]

Originally Posted by ghporter 

I think that ports 50701 and 50800 are commonly used by games and P2P apps-got any of those running? Why they're not bound to lo0? Good question...

No, I don't...

If I decide to take the time to trace these, I'll let you know my results

It's not a big deal because my machines are behind a router, but I hope this is not a part of the base OS X install since we used to brag about not having ports open. What do you guys get when you run the netstat command?

[CharlesS]

Here's what I've got:

$ netstat -a | grep -i "listen"
tcp4 0 0 *.daap *.* LISTEN
tcp4 0 0 localhost.ipp *.* LISTEN
tcp6 0 0 localhost.ipp *.* LISTEN
2fb9660 stream 0 0 390f360 0 0 0 /tmp/launch-DSemQK/Listeners

So I'm not getting all the ports that you have. The Kerberos thing was a known issue in Leopard, though, unless they fixed it in 10.5.1 - not sure whether they did or not. What was going on was that whenever you connected to a remote file server, it would open the Kerberos port, which would stay open until you rebooted, even after you disconnected from the remote server. The built-in "firewall" was letting it through, too.

Originally Posted by besson3c 

It's not a big deal because my machines are behind a router, but I hope this is not a part of the base OS X install since we used to brag about not having ports open.

I don't think we can do that anymore - Leopard listens on a bunch of UDP ports by default as well, which you won't detect unless you portscan it from another computer using nmap. And, of course, the "firewall" lets it all through.

[besson3c]

Originally Posted by CharlesS 

Here's what I've got:

$ netstat -a | grep -i "listen"
tcp4 0 0 *.daap *.* LISTEN
tcp4 0 0 localhost.ipp *.* LISTEN
tcp6 0 0 localhost.ipp *.* LISTEN
2fb9660 stream 0 0 390f360 0 0 0 /tmp/launch-DSemQK/Listeners

So I'm not getting all the ports that you have. The Kerberos thing was a known issue in Leopard, though, unless they fixed it in 10.5.1 - not sure whether they did or not. What was going on was that whenever you connected to a remote file server, it would open the Kerberos port, which would stay open until you rebooted, even after you disconnected from the remote server. The built-in "firewall" was letting it through, too.


I don't think we can do that anymore - Leopard listens on a bunch of UDP ports by default as well, which you won't detect unless you portscan it from another computer using nmap. And, of course, the "firewall" lets it all through.

So it looks like you just have iTunes and printing listening... hmmm...

I do have a sshfs mount right now (I almost always do), so perhaps that explains Kerberos. I'm assuming Apple enabled Kerberos for me thinking that I might want to use Back to my Mac? Seeing as how I don't have a .Mac account, this isn't terribly thoughtful of them

Thanks for passing that info on about Kerberos, I wasn't aware of this bug...

[CharlesS]

Well, the bug was widely publicized around Leopard's release, so it was definitely in 10.5.0. I don't know if it's in 10.5.1 or not, but what you could do is reboot, see if it's not open when it starts back up, and see if it opens when you mount the sshfs volume.