Dear All, Just noticed (whilst portscanning myself) that port 775 (entomb) is open. All I can find in the way of a description is an RFC which is less than informative. Can anyone help me as to finding out what this is? It sounds like some BackOrifice thing. Or am I just paranoid? Thanks, Charlie
Hi On Sat, Sep 16, 2000 at 08:06:54PM +0100, Charles Price wrote:
Just noticed (whilst portscanning myself) that port 775 (entomb) is open.
All I can find in the way of a description is an RFC which is less than informative. Can anyone help me as to finding out what this is? It sounds like some BackOrifice thing. Or am I just paranoid? You should find out which process is bound to this port. Try one of:
fuser -n tcp 775 lsof -i tcp:775 lsof is generally quite a good tool to keep an eye over your server and to check whether some "strange" services run on your host. However you should verify that it is not trojaned then. Could be some RPC service on that port (given it is TCP, of course), but I'm not sure though... MfG/Regards, Alexander -- Alexander Reelsen http://joker.rhwd.de ref@linux.com GnuPG: pub 1024D/F0D7313C sub 2048g/6AA2EDDB ar@rhwd.net 7D44 F4E3 1993 FDDF 552E 7C88 EE9C CBD1 F0D7 313C Securing Debian: http://joker.rhwd.de/doc/Securing-Debian-HOWTO
Just noticed (whilst portscanning myself) that port 775 (entomb) is open.
All I can find in the way of a description is an RFC which is less than informative. Can anyone help me as to finding out what this is? It sounds like some BackOrifice thing. Or am I just paranoid? You should find out which process is bound to this port. Try one of:
fuser -n tcp 775 lsof -i tcp:775
lsof is generally quite a good tool to keep an eye over your server and to check whether some "strange" services run on your host. However you should verify that it is not trojaned then.
Could be some RPC service on that port (given it is TCP, of course), but I'm not sure though...
This is most likely the rpc.mountd. Another nice gimmick, similar to fuser and lsof, is `netstat -anp'.
MfG/Regards, Alexander
Roman.
--
- -
| Roman Drahtmüller
participants (3)
-
Alexander Reelsen
-
Charles Price
-
Roman Drahtmueller