You may have install the fakebo package it is design to implemente a fake Back Orifice, to capture attacks of this tipe to your network. Any way run a netstat -p to see wich process is using that port.
Cheers, rak On Tue, Jan 28, 2003 at 04:43:51PM -0600, Kent West wrote: > I just ran the command "sudo nmap -sT -sU localhost" which listed the > following: > > . . . > > 12345/tcp open NetBus > 12346/tcp open NetBus > 27665/tcp open Trinoo_Master > 31335/udp open Trinoo_Register > 31337/tcp open Elite > 31337/udp open BackOrifice > 32770/udp open sometimes-rpc4 > > . . . > > > > Should I be concerned, or is this maybe part of portsentry or something > similar? > > Sweating just a bit, > Kent > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]