netstat -anp | grep 1008 tcp 0 0 0.0.0.0:1008 0.0.0.0:* LISTEN 828/rpc.rquotad
Wow...rpc.quotad. Interesting...I think there might have been a quota update somewhere in what I updated, recently...but this is the first time I saw this. I don't recall seeing rpc.quotad before. Very interesting. I guess I don't need to sweat that, then. Thanks. On Sun, 27 Jan 2002, Devon wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Sunday 27 January 2002 04:29 am, Mike Burger wrote: > > I run "chkrootkit" on my system, nightly, to try to ensure that > > nobody's found a way behind my firewall and hacked in. > > > > This morning, while perusing my nightly logs and messages, chkrootkit > > came up with a positive hit in its BINDSHELL tests, telling me that > > something was listening on port 1008. > > > > This, of course, did not happen, yesterday. > > > > The only real change is that I ran up2date, and downloaded the latest > > XFree86 packages, bringing them to .eve. 4.1.0-15. > > Hi Mike, > > You could try 'netstat -anp | grep 1008' which should show the process > responsible. You have to be root to see all the processes. > > You might try '/usr/sbin/lsof | grep 1008' as well. > > For what it is worth, I have the latest updates here as well, and nothing > listening on that port. > > # rpm -q XFree86 > XFree86-4.1.0-15 > # netstat -anp | grep 1008 > > Hope that helps, > > - -D > > - -- > > pgp key: http://www.tuxfan.homeip.net:8080/pgpkey.txt > > - -- > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE8VBa6eMAUbzJhSVcRAqkVAJ9Ryu8L7078ljuvyHQKJboVsvAraQCgmqdQ > zw+gx3k4SIgrXLipNkk+xQ0= > =nrss > -----END PGP SIGNATURE----- > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list > _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
