On Tue, Jul 09, 2002 at 09:45:21PM -0400, gilson redrick wrote:
Hi all,
Responding a SuSEr, another suggested he might use netstat -a. Out of curiosity, I did it. Since I'm not connected to any network and use dial-up mainly to get e-mail, with an occasional incursion into "www" realm, I didn't expect netstat to show anything, and that's when my jaw dropped! I had no idea! There are nearly 100 entries, from tcp 0 0 *:printer *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:6000 *:* LISTEN tcp 0 0 *:ssh *:* LISTEN udp 0 0 *:sunrpc *:* all the way down to unix 4 [ ] STREAM CONNECTED 5376 /tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 2095 unix 2 [ ] DGRAM 1543 unix 2 [ ] DGRAM 1443 unix 2 [ ] DGRAM 1086
What's all that garbage? What's a tcp 6000 listening to what? And a unix3 connected to a 2095? Really, the question boils down to, is that something I should worry about or ignore?
TCP port 6000 is where the X Window system listens for remote connections. That is normal. All of those "unix" entries are not really network ports, they are local unix sockets that only accept connections from processes on the same computer. A rather elegent way to handle interprocesss communication, but not a remote security threat. As far as whether to worry about this stuff, well, since you are not connected to internet full time, you are not at risk as much as people who are. On the other hand, you should pay attention to what is running on your machine. A good security measure is to shut off things you don't need. You have to balance that with learning about things. Best Regards, Keith -- LPIC-2, MCSE, N+ Right behind you, I see the millions Got spam? Get spastic http://spastic.sourceforge.net