I run "chkrootkit" on my system, nightly, to try to ensure that nobody's 
found a way behind my firewall and hacked in.

This morning, while perusing my nightly logs and messages, chkrootkit came 
up with a positive hit in its BINDSHELL tests, telling me that something 
was listening on port 1008.

This, of course, did not happen, yesterday.

The only real change is that I ran up2date, and downloaded the latest 
XFree86 packages, bringing them to .eve. 4.1.0-15.

Is there something about this version of XFree86 that now causes something 
to listen on this port (1008)? (For that matter, netstat shows me that 
it's listening on port 1005...even nmap doesn't show that for me...any 
idea what that is?)

netstat -l shows that the port is being listened to, but doesn't really 
give me an indication of what it is (or, I'm just not reading it right):

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:32768           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:32769           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:515             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:37              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:901             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:813             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:79              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:624             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:1008            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:977             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:1267            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:39093           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      
tcp        0      0 192.168.0.1:53          0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:504             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:953           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:22874           0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:26              0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      
udp        0      0 0.0.0.0:32768           0.0.0.0:*                           
udp        0      0 0.0.0.0:2049            0.0.0.0:*                           
udp        0      0 0.0.0.0:32769           0.0.0.0:*                           
udp        0      0 0.0.0.0:32770           0.0.0.0:*                           
udp        0      0 0.0.0.0:32771           0.0.0.0:*                           
udp        0      0 0.0.0.0:517             0.0.0.0:*                           
udp        0      0 0.0.0.0:518             0.0.0.0:*                           
udp        0      0 192.168.0.1:137         0.0.0.0:*                           
udp        0      0 0.0.0.0:137             0.0.0.0:*                           
udp        0      0 192.168.0.1:138         0.0.0.0:*                           
udp        0      0 0.0.0.0:138             0.0.0.0:*                           
udp        0      0 0.0.0.0:10000           0.0.0.0:*                           
udp        0      0 0.0.0.0:37              0.0.0.0:*                           
udp        0      0 0.0.0.0:811             0.0.0.0:*                           
udp        0      0 192.168.0.1:53          0.0.0.0:*                           
udp        0      0 127.0.0.1:53            0.0.0.0:*                           
udp        0      0 0.0.0.0:67              0.0.0.0:*                           
udp        0      0 0.0.0.0:975             0.0.0.0:*                           
udp        0      0 0.0.0.0:1005            0.0.0.0:*                           
udp        0      0 0.0.0.0:749             0.0.0.0:*                           
udp        0      0 0.0.0.0:622             0.0.0.0:*                           
udp        0      0 0.0.0.0:111             0.0.0.0:*                           
raw        0      0 0.0.0.0:1               0.0.0.0:*               7           
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     1396   public/showq
unix  2      [ ACC ]     STREAM     LISTENING     846578 /tmp/mcop-mburger/burgers_bubbanfriends_org-143c-3c5351c2
unix  2      [ ACC ]     STREAM     LISTENING     1379   private/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     1384   private/rewrite
unix  2      [ ACC ]     STREAM     LISTENING     1387   private/bounce
unix  2      [ ACC ]     STREAM     LISTENING     1390   private/defer
unix  2      [ ACC ]     STREAM     LISTENING     1393   private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     1735   citadel.socket
unix  2      [ ACC ]     STREAM     LISTENING     1399   private/error
unix  2      [ ACC ]     STREAM     LISTENING     846546 /tmp/ksocket-mburger/klauncherghOg8b.slave-socket
unix  2      [ ACC ]     STREAM     LISTENING     1402   private/local
unix  2      [ ACC ]     STREAM     LISTENING     848311 /tmp/ksocket-mburger/kdesud_:0
unix  2      [ ACC ]     STREAM     LISTENING     1737   smtp.socket
unix  2      [ ACC ]     STREAM     LISTENING     1405   private/cyrus
unix  2      [ ACC ]     STREAM     LISTENING     1408   private/uucp
unix  2      [ ACC ]     STREAM     LISTENING     1411   private/ifmail
unix  2      [ ACC ]     STREAM     LISTENING     1414   private/bsmtp
unix  2      [ ACC ]     STREAM     LISTENING     1417   private/citadel
unix  2      [ ACC ]     STREAM     LISTENING     846530 /tmp/.ICE-unix/5173
unix  2      [ ACC ]     STREAM     LISTENING     846624 /tmp/.ICE-unix/5088
unix  2      [ ACC ]     STREAM     LISTENING     845735 /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     1469   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     1631   /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     1358   /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     846592 /home/mburger/.kxmlrpcd-socket-DFgvwc
unix  2      [ ACC ]     STREAM     LISTENING     846524 /tmp/ksocket-mburger/kdeinit-:0



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
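
An added triage example, not part of the original post: since `netstat -l` alone does not name the owner of ports such as 1008 and 1005, one check is to compare the listeners against what the portmapper (port 111 in the listing) has registered, as printed by `rpcinfo -p`; running `netstat -lnp` as root also adds a PID/Program name column. The sample data below is constructed, and the mapping of 1005 and 1008 to an RPC program is an assumption for illustration, not a finding about the poster's machine.

```shell
#!/bin/sh
# Label each listening TCP/UDP port with the RPC program registered for it
# (per `rpcinfo -p`), or UNEXPLAINED when the portmapper has no entry.

# Constructed sample of `netstat -ln` rows (port numbers taken from the post).
sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:1008            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2000            0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:1005            0.0.0.0:*
EOF
}

# Constructed sample of `rpcinfo -p` output. The program-to-port mapping is
# assumed for illustration only.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp   1005  status
    100024    1   tcp   1008  status
EOF
}

# classify_listeners NETSTAT_FILE RPCINFO_FILE
# Prints "proto port owner" for every tcp/udp row in NETSTAT_FILE.
classify_listeners() {
    awk '
        # First input (rpcinfo -p): skip the header, index by proto/port.
        NR == FNR { if ($1 ~ /^[0-9]+$/) rpc[$3 "/" $4] = $5; next }
        # Second input (netstat -ln): the port follows the last ":".
        $1 == "tcp" || $1 == "udp" {
            n = split($4, a, ":"); key = $1 "/" a[n]
            owner = (key in rpc) ? "rpc:" rpc[key] : "UNEXPLAINED"
            print $1, a[n], owner
        }
    ' "$2" "$1"
}

# Run the classifier on the constructed samples.
demo() {
    tmp=$(mktemp -d) || return 1
    sample_netstat > "$tmp/netstat"; sample_rpcinfo > "$tmp/rpcinfo"
    classify_listeners "$tmp/netstat" "$tmp/rpcinfo"
    rm -rf "$tmp"
}
demo
```

On a live host, save the output of `netstat -ln` and `rpcinfo -p` to two files and pass them to `classify_listeners`; rows left UNEXPLAINED are the ones to resolve to a process with `netstat -lnp`.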
