|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] rootkit?
From: Sascha Cunz (Lists
SaCu.DE)
Date: Fri Jan 02 2004 - 00:51:38 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> I checked it from home, using nmap (which isn't installed of the maschine
> in question). I thought it might be safer to check from outside.
>
> > could be that your ISP is filtering port 6667. It is commonly (ab)used
> > for IRC and therefor a fairly well known vulnerability. Some ISP's don't
> > want their customers to run servers, the only reason why you might need
> > it. As an 'ordinary' user, you wouldn't be harmed by filtering. Check
> > with your acceptable use policy of your provider.
>
> Hm, haven't thought of this yet. I'll have to check this with our ISP,
> thanx for the advice.
Hi,
however.
netstat -anp
on the box in question, will show you soon what it is listening on and also
assign a proccess to a) each existing connection and b) each listened-for
connection.
Sascha
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]