Date:      Mon, 5 Mar 2001 13:15:05 -0500
From:      Chris Faulhaber <jedgar@fxp.org>
To:        dce <dce@squish.org>
Cc:        security@FreeBSD.ORG
Subject:   Re: 31337
Message-ID:  <20010305131505.A38341@peitho.fxp.org>
In-Reply-To: <Pine.BSO.4.10.10103051008420.15904-100000@tomahawk.SQUiSH.org>; from dce@squish.org on Mon, Mar 05, 2001 at 10:20:11AM -0800
References:  <Pine.BSO.4.10.10103051008420.15904-100000@tomahawk.SQUiSH.org>



On Mon, Mar 05, 2001 at 10:20:11AM -0800, dce wrote:
> Hello,
>
> I have noticed the following ports open on my FreeBSD 4.2-STABLE machine
>
> 31337/tcp  open        Elite
> 6667/tcp   open        irc
>
> I have also noticed these open after CVSuping from 4.0-RELEASE to
> 4.2-STABLE... Is this normal? Has a rootkit been installed? Any
> information provided is greatly appreciated.

First step would be to find out what programs have the above ports
open (hint: use sockstat)...

-- 
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve   -   http://www.FreeBSD.org
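
The sockstat step suggested above, as an added example that is not part of the original message: a small filter that reads `sockstat` output and reports which process owns a listening socket on each suspect port. The sample rows (including the `mystery` command and PID 4471) are constructed, and the `-4 -l` flags in the usage comment are those of current FreeBSD sockstat(1), assumed rather than checked against 4.2.

```shell
#!/bin/sh
# Added example: map suspect listening ports to the owning process.

# Constructed sample in the column layout of FreeBSD sockstat(1);
# none of these rows come from the thread.
sample_sockstat() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       312   3  tcp4   *:22                  *:*
nobody   mystery    4471  4  tcp4   *:31337               *:*
nobody   mystery    4471  5  tcp4   *:6667                *:*
nobody   mystery    4471  6  tcp4   192.0.2.10:6667       198.51.100.7:51234
root     sendmail   290   4  tcp4   127.0.0.1:25          *:*
EOF
}

# Usage on a live host (assumed flags): sockstat -4 -l | owners_of_ports 31337 6667
# Reads sockstat-style text on stdin; arguments are the ports to look for.
owners_of_ports() {
    awk -v ports="$*" '
        BEGIN {
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++) want[p[i]] = 1
        }
        $3 !~ /^[0-9]+$/ { next }   # skip the header and rows without a PID
        $5 !~ /^tcp/     { next }   # TCP sockets only
        $7 != "*:*"      { next }   # keep listeners, drop established connections
        {
            port = $6
            sub(/^.*:/, "", port)   # port is the text after the last colon
            if (port in want)
                printf "%s pid=%s cmd=%s user=%s\n", port, $3, $2, $1
        }'
}

# Demonstration on the constructed sample.
sample_sockstat | owners_of_ports 31337 6667
```

A port that shows up in a remote scan but has no row here is worth noting too, since it means the socket is not visible to the local tool.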

