For what it's worth, I checked my system after the up2date updates and I also have 1008 active. However, it's being used by faxgetty part of my Hylafax setup.
I didn't check before doing the updates and I'm sure it has nothing to do with them. Gerry On Sun, 27 Jan 2002, Devon wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sunday 27 January 2002 04:29 am, Mike Burger wrote: > > I run "chkrootkit" on my system, nightly, to try to ensure that > > nobody's found a way behind my firewall and hacked in. > > > > This morning, while perusing my nightly logs and messages, chkrootkit > > came up with a positive hit in its BINDSHELL tests, telling me that > > something was listening on port 1008. > > > > This, of course, did not happen, yesterday. > > > > The only real change is that I ran up2date, and downloaded the latest > > XFree86 packages, bringing them to .eve. 4.1.0-15. > > Hi Mike, > > You could try 'netstat -anp | grep 1008' which should show the process > responsible. You have to be root to see all the processes. > > You might try '/usr/sbin/lsof | grep 1008' as well. > > For what it is worth, I have the latest updates here as well, and nothing > listening on that port. > > # rpm -q XFree86 > XFree86-4.1.0-15 > # netstat -anp | grep 1008 > > Hope that helps, > > - -D > > - -- > > pgp key: http://www.tuxfan.homeip.net:8080/pgpkey.txt > > - -- > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE8VBa6eMAUbzJhSVcRAqkVAJ9Ryu8L7078ljuvyHQKJboVsvAraQCgmqdQ > zw+gx3k4SIgrXLipNkk+xQ0= > =nrss > -----END PGP SIGNATURE----- > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list > -- "The lyfe so short, the craft so long to learne" Chaucer _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
