On Sat, Feb 10, 2001 at 11:14:17AM +0100, Raffy wrote:
Hey,
Port State Service 22/tcp open ssh 25/tcp open smtp 37/tcp open time
Are you sure you need this??? I am using ssh and smtp
80/tcp open http 111/tcp open sunrpc
And this? It's kind of dangerous to have this running. A lot of exploits are floating around which are attacking this service. Unless you _really_ need it. Close it up! Or block it at the firewall at least!!!
Will do asap
119/tcp open nntp
Sure you are using this?
I have Leafnode running with hosts.deny leafnode:ALL EXCEPT LOCAL
444/tcp open snpp 515/tcp open printer 888/tcp open accessbuilder 901/tcp open samba-swat 4557/tcp open fax 4559/tcp open hylafax 6000/tcp open X11
All of the above I'd probably close down as well. I really don't know why you would those services to be running!!!!
12345/tcp open NetBus 12346/tcp open NetBus 31337/tcp open Elite
Nice. As reported earlier on this list. Unplug your machine from the net. Very possible you were hacked!!!!
Now I need more than aspirin
Check what is running behind 12345 with lsof and netstat�!!!
nothing I did fuser -n 12345 fuser -n 12346 netstat -aenp There is nothing running for these or am I running these command wrong
Thanks
Raffy
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Togan Muftuoglu