In article <[EMAIL PROTECTED]> you write: >Which reminds me, it might be nice for Debian to run something akin to a >port scanner locally from cron.daily or something, so that the sysadmin >will notice such problems better. (Optionally, and not reporting ports >that the sysadmin knows are OK.)
How about something like (beware - quick hack): netstat -a | grep -vE '(kerberos|finger|ftp|pop-3)' That will list all connections and active ports, except for those with kerberos, finger, ftp and pop-3 listed. I imagine it would be easy to make that more robust, but you should get the general idea. Perhaps you may only want to include lines with *:* so that active connections are not counted. -- Brian May <[EMAIL PROTECTED]>