You may have install the fakebo package it is design to implemente a fake
Back Orifice, to capture attacks of this tipe to your network. Any way run
a netstat -p to see wich process is using that port.
Cheers,
rak
On Tue, Jan 28, 2003 at 04:43:51PM -0600, Kent West wrote:
> I just ran the command "sudo nmap -sT -sU localhost" which listed the
> following:
>
> . . .
>
> 12345/tcp open NetBus
> 12346/tcp open NetBus
> 27665/tcp open Trinoo_Master
> 31335/udp open Trinoo_Register
> 31337/tcp open Elite
> 31337/udp open BackOrifice
> 32770/udp open sometimes-rpc4
>
> . . .
>
>
>
> Should I be concerned, or is this maybe part of portsentry or something
> similar?
>
> Sweating just a bit,
> Kent
>
>
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact
> [EMAIL PROTECTED]
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
