Woops, no. Tks for pointing that out.
On Fri, 14 Dec 2001, Zhasper wrote:
> Were you root at the time?
--
Howard.
LANNet Computing Associates - Your Linux people
Contact detail at http://www.lannetlinux.com
"We are either doing something, or we are not.
'Talking about' is a subset of 'not'.
On Fri, Dec 14, 2001 at 07:56:51AM +1100, Howard Lowndes wrote:
> An interesting aside on this one.
>
> I did a netstat -plt on my workstation (which is behind a strong firewall)
> and got the following. Notice how the controlling process doesn't show
> up, and I am wondering what is listening o
Were you root at the time?
If you're not root, you'll only get the PID of the process you own..
My version of netstat says this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
On Fri, 14 Dec 2001, Howard Lowndes wrot
An interesting aside on this one.
I did a netstat -plt on my workstation (which is behind a strong firewall)
and got the following. Notice how the controlling process doesn't show
up, and I am wondering what is listening on port 32768 and 32769, even an
lsof doesn't tell me:
Proto Recv-Q Send-Q
Hi,
I take it you are remotely nmapping this machine.
Services coming up in a 'filtered' state are very possibly the upstream
ISP blocking access to these services, lpd, nfs and fingerd have an
unfortunate history of remotely exploitable bugs, so it wouldnt surprise
me if the upstream provide
On Thu, Dec 13, 2001 at 11:08:57PM +1100, Stephan Borg wrote:
> Port State Service
> 139/tcpfilterednetbios-ssn - I don't have Samba
> 515/tcpfilteredprinter - no lpr as far as I'm
> aware
> 1080/tcp filteredsocks - n
"Stephan Borg" <[EMAIL PROTECTED]> writes:
> Hello all,
>
> Over the last couple of days, a Debian 2.2r4 box I work on appears to
> have been infected by a Trojan. I have since upgraded SSH which I think
> was the leak.
>
> I have done an NMAP on the box. I have removed the known services from
Hello all,
Over the last couple of days, a Debian 2.2r4 box I work on appears to
have been infected by a Trojan. I have since upgraded SSH which I think
was the leak.
I have done an NMAP on the box. I have removed the known services from
the output, shown below are the results.
Port State