Re: [suse-security] Port 33270 and Trinity

From: GertJan Spoelman (nobodylocalhost.invalid)
Date: Wed May 07 2003 - 17:58:51 CDT


On Thursday 08 May 2003 00:12, Paul Kozlenko wrote:
> FWIW
> netstat -patn|grep 33270
> gives me:
>
> Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
> tcp 0 0 0.0.0.0:33270 0.0.0.0:* LISTEN -
> (I added the headers in for clarity)

You're probably running a kernel which has the fix for the ptrace hole.
The downside of that fix was that even root doesn't seem to have the right to
show the information for all processes anymore. For example, if I look at nfs,
which uses port 2049, I see the same: there is no PID or Program name shown
for that port.
On my systems I also see such lines for high ports. I don't know which process
uses them, but you should be able to find that out by shutting them down one
by one and watching when that port disappears.
--

    GertJan
    
Email address is invalid, so don't reply directly, I'm on the list.
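
The elimination procedure suggested above (stop services one at a time and watch which listener disappears), as an added example that is not part of the original post: it parses saved `netstat -patn` snapshots, keeps the LISTEN sockets whose PID/Program column is `-`, and attributes each one to the service whose shutdown made it vanish. The snapshots, the service names and the function names are constructed for illustration.

```python
# Constructed `netstat -patn` snapshots (sample data, not from the post).
HEADER = "Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name\n"
BASELINE = HEADER + (
    "tcp 0 0 0.0.0.0:33270 0.0.0.0:* LISTEN -\n"
    "tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -\n"
    "tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 612/sshd\n"
)
# Snapshot taken after stopping a hypothetical "nfsserver" service.
AFTER_NFS = HEADER + (
    "tcp 0 0 0.0.0.0:33270 0.0.0.0:* LISTEN -\n"
    "tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 612/sshd\n"
)
# Snapshot taken after also stopping a hypothetical "service-b": no change.
AFTER_B = AFTER_NFS


def unowned_listeners(netstat_text):
    """Return {(proto, local_addr)} for LISTEN sockets shown with PID/Program '-'."""
    found = set()
    for line in netstat_text.splitlines():
        # maxsplit keeps a program name containing spaces in one field
        f = line.split(None, 6)
        if (len(f) == 7 and f[0].startswith("tcp")
                and f[5] == "LISTEN" and f[6].strip() == "-"):
            found.add((f[0], f[3]))
    return found


def attribute_ports(baseline, steps):
    """steps: ordered list of (service_stopped, netstat_output_after_stop).

    Returns (owners, unexplained): owners maps each socket that disappeared
    to the service stopped just before; unexplained holds the sockets still
    listening after every step.
    """
    owners = {}
    current = unowned_listeners(baseline)
    for service, snapshot in steps:
        now = unowned_listeners(snapshot)
        for sock in current - now:
            owners[sock] = service
        current = now
    return owners, current


if __name__ == "__main__":
    owners, unexplained = attribute_ports(
        BASELINE, [("nfsserver", AFTER_NFS), ("service-b", AFTER_B)])
    print("attributed:", owners)
    print("still unexplained:", sorted(unexplained))
```

A socket left in the unexplained set after every candidate has been stopped is the one to keep investigating.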
