Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] netstat-output
  • From: Stefan Suurmeijer <stefan@xxxxxxxxxxxx>
  • Date: Tue, 5 Dec 2000 17:28:06 +0100 (CET)
  • Message-id: <Pine.LNX.4.30.0012051716450.4533-100000@xxxxxxxxxxxxxxxxxxxx>
On Tue, 5 Dec 2000, Martin Geigl wrote:

> Hi all,
> had an attack attempt a few days ago via the kstatd, but it seemed to me
> it wasn't successfull. I did an netstat -p to check and got the
> following:
> (Not all processes could be identified, non-owned process info
> will not be shown, you would have to be root to see it all.)
> But I was root!
> My question now is, is this a standard comment of netstat or is there a
> "hidden" program running, which even root can't see (e.g. some trojan
> horse)?

AFAIK it just means what it says: netstat can't identify all running
processes. Maybe not the best choice of words, but no trojan causing it.
If you're afraid you've been hacked, check out CERT's checklist
( It has a number of steps you can check. For instance
checking the md5sum of ps, ls etc.

> Thanks in Advance
> Martin
> --


< Previous Next >
Follow Ups