Something listening on port 1135

Just Another SuSE User

2 Apr 2001 2 Apr '01

17:13

I have something listening on port 1135 and am trying to figure out what it is. I can telnet to that port and enter commands, but I get no feedback hinting at what is there. I cannot systematically shutdown services since this box is in production. I disable a lot of the stuff that comes default under 7.0. In addition, I am running the following services on this machine: Oracle 817 (listener is only on 1521), MySQL (port 3306), Apache (only port 80), SMTP, pop3, ssh, and Weblogic (port 7001). Anyone have any ideas what typical listens on port 1135? Thanks, CC

Show replies by date

Mads Martin Jørgensen

2 Apr 2 Apr

17:21

New subject: [SLE] Something listening on port 1135

* Just Another SuSE User [Apr 02. 2001 10:20]:

...

I have something listening on port 1135 and am trying to figure out what it is. I can telnet to that port and enter commands, but I get no feedback hinting at what is there. I cannot systematically shutdown services since this box is in production. I disable a lot of the stuff that comes default under 7.0. In addition, I am running the following services on this machine: Oracle 817 (listener is only on 1521), MySQL (port 3306), Apache (only port 80), SMTP, pop3, ssh, and Weblogic (port 7001).

Anyone have any ideas what typical listens on port 1135?

No, but you can get the info on which program listens on which sockets with the lsof (list open files) program. -- Mads Martin Joergensen, http://mmj.dk "Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little bit more effort." -- A. P. J.

Mads Martin Jørgensen

17:21

New subject: [SLE] Something listening on port 1135

* Mads Martin Jørgensen [Apr 02. 2001 10:21]:

...

* Just Another SuSE User [Apr 02. 2001 10:20]:

...
I have something listening on port 1135 and am trying to figure out what it is. I can telnet to that port and enter commands, but I get no feedback hinting at what is there. I cannot systematically shutdown services since this box is in production. I disable a lot of the stuff that comes default under 7.0. In addition, I am running the following services on this machine: Oracle 817 (listener is only on 1521), MySQL (port 3306), Apache (only port 80), SMTP, pop3, ssh, and Weblogic (port 7001).

Anyone have any ideas what typical listens on port 1135?

No, but you can get the info on which program listens on which sockets with the lsof (list open files) program.

And ports of course. -- Mads Martin Joergensen, http://mmj.dk "Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little bit more effort." -- A. P. J.

James Oakley

18:05

New subject: [SLE] Something listening on port 1135

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 02 April 2001 14:13, Just Another SuSE User wrote:

...

Anyone have any ideas what typical listens on port 1135?

Try: netstat -ap That will list everything that's open or connected, and it's status. IP sockets are listed first. The rest should be UNIX sockets. The p option specifies the PID and name of program with the open port. - -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6yL+E+FOexA3koIgRAiJdAKCXTKbtBcBsjbniLU5tSFtD8l0LawCfd0b9 qDKc6v66uMTuLfiCoHD8Oko= =h0h4 -----END PGP SIGNATURE-----

Just Another SuSE User

18:29

New subject: [SLE] Something listening on port 1135

[Internal error while calling pgp, raw data follows] *BONK* thankx man. I forgot netstat does that, if I would have just read the damn man page. I have been using netstat so long I forget that it does a lot more than just the common options. The process was kdeinit: kxmlr Next question: What is this process and is this secure? Thanks, CC

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Monday 02 April 2001 14:13, Just Another SuSE User wrote:

...
Anyone have any ideas what typical listens on port 1135?

Try:

netstat -ap

That will list everything that's open or connected, and it's status. IP sockets are listed first. The rest should be UNIX sockets. The p option specifies the PID and name of program with the open port.

- -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org

iD8DBQE6yL+E+FOexA3koIgRAiJdAKCXTKbtBcBsjbniLU5tSFtD8l0LawCfd0b9 qDKc6v66uMTuLfiCoHD8Oko= =h0h4 -----END PGP SIGNATURE-----

-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq

[End of raw data]

James Oakley

19:26

New subject: [SLE] Something listening on port 1135

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 02 April 2001 15:29, Just Another SuSE User wrote:

...

[Internal error while calling pgp, raw data follows] *BONK* thankx man.

I forgot netstat does that, if I would have just read the damn man page. I have been using netstat so long I forget that it does a lot more than just the common options.

The process was kdeinit: kxmlr

Next question: What is this process and is this secure?

That's kxmlrpcd, which allows KDE to respond to XML RPC calls. It's part of the new KDE architecture, but I haven't dived into it yet, so I don't know if it's absolutely necessary yet. My guess is that it is. If it's running, it's probably used by some KDE programs (maybe all, who knows). I'd say your best bet is to make sure that the port isn't open to the world instead of not running it. The SuSEfirewall script is highly recommended because it closes everything by default, letting you specify what you want open explicitly. - -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6yNKB+FOexA3koIgRArKCAJ9Wdo63+mnAehmkYOjh9GlbVXN+SwCeNynT pAIg9c4ipfGSzrAuTMHKYp0= =v8a2 -----END PGP SIGNATURE-----

8435

Age (days ago)

8435

Last active (days ago)

List overview

Download

5 comments

3 participants

participants (3)

James Oakley
Just Another SuSE User
Mads Martin Jørgensen