Sorry Me inglesh is poor. Try telnet xxx.yyy.zzz.www 40773 Or nmap -sS xxx.yyy.zzz.www -p 40773
Saludos -- Ulises U. Cuñé Web: http://www.ulises2k.com.ar -----Original Message----- From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Peter M. Abraham Sent: Thursday, September 06, 2007 3:07 PM To: ossec-list Subject: [ossec-list] Re: ossec-rootcheck found hidden ports -- how can I verify if this is a false positive or not? Greetings Steve: I finally got around to installing the latest nmap and checking nmap. PORT STATE SERVICE VERSION 21/tcp open ftp ProFTPD 1.3.0a 22/tcp open ssh OpenSSH 3.6.1p2 (protocol 2.0) 25/tcp open smtp qmail smtpd 53/tcp open domain 80/tcp open http Apache httpd 110/tcp open pop3 qmail pop3d 143/tcp open imap Courier Imapd (released 2005) 443/tcp open http Apache httpd 587/tcp open smtp qmail smtpd 953/tcp open rndc? 3306/tcp open mysql MySQL 5.0.45-community-log 5001/tcp open apc-agent APC PowerChute agent 5432/tcp open postgresql PostgreSQL DB 8009/tcp open ajp13? 8080/tcp open http Apache httpd 8443/tcp open http Apache httpd Yet, ossec-rootcheck shows [FAILED]: Port '40773'(tcp) hidden. Kernel-level rootkit or trojaned version of netstat. Thank you.
smime.p7s
Description: S/MIME cryptographic signature
