yeah try lsof -i and findout which processes are responsible for spawnage of these ports, and close them. If incase these ports do not show up in lsof, then prolly you have a trojanned losf (rarely) , and you need to pack yourself up for a forensics analysis.
Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk voice: 92-021-111-GEMNET Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk voice: 92-21-4980523 92-21-4974781 "Great is the Art of beginning, but Greater is the Art of ending. " ------BEGIN GEEK CODE BLOCK---- Version: 3.1 GCS/CM/P/TW d- s: !a C++ B@ L$ S$ U+++ P+ L+++ E--- W+ N+ o+ K- w-- O- PS PE- Y- PGP+ t+ X R tv+ b++ DI+ D G e++ h! r+ y+ ------END GEEK CODE BLOCK------ --- [EMAIL PROTECTED] wrote: >Dear all > >I used the netstat -an and got the following unknown port >What are the meaning and can I close it? > >Thank you > >Active UNIX domain sockets (servers and established) >Proto RefCnt Flags Type State I-Node Path >unix 2 [ ACC ] STREAM LISTENING 1273 /tmp/cd_sockV4 >unix 2 [ ACC ] STREAM LISTENING 1314 /tmp/td_sockV4 >unix 2 [ ACC ] STREAM LISTENING 1255 /dev/gpmctl >unix 3 [ ] DGRAM 2483 /dev/log >unix 2 [ ACC ] STREAM LISTENING 1357 >/tmp/.font-unix/fs7100 >unix 2 [ ] DGRAM 2493 >unix 2 [ ] DGRAM 1368 >unix 2 [ ] DGRAM 1293 >unix 2 [ ] DGRAM 1222 >unix 2 [ ] DGRAM 1148 >unix 2 [ ] STREAM CONNECTED 605 > >Proto Recv-Q Send-Q Local Address Foreign Address >State >tcp 0 0 0.0.0.0:22321 0.0.0.0:* >LISTEN >tcp 0 0 0.0.0.0:22289 0.0.0.0:* >LISTEN >tcp 0 0 192.168.0.111:33307 203.255.112.96:37 >TIME_WAIT > > > >_______________________________________________ >Redhat-list mailing list >[EMAIL PROTECTED] >https://listman.redhat.com/mailman/listinfo/redhat-list _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with [EMAIL PROTECTED] by Everyone.net http://www.everyone.net/?btn=tag _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list