Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] server-check
  • From: Togan Muftuoglu <toganm@xxxxxxxx>
  • Date: Sat, 10 Feb 2001 12:03:37 +0200
  • Message-id: <3A8511F9.85A3FEF1@xxxxxxxx>
Hi everyone,

Running nmap localy I have seen I have two instances of Netbus on port
12345 and 12346 Which puts me in paranoid and port 31337 which someone
mentinoed its an exploit of bind shell.

1) Do I have a trojan working behind or is it me who needs an aspirin
2) How trusty is running nmap locally if you have already been carrying



Starting nmap V. 2.53 by fyodor@xxxxxxxxxxxx ( www.insecure.org/nmap/ )
Host (xxx.xxx.xxx.xxx) appears to be up ... good.
Initiating FIN,NULL, UDP, or Xmas stealth scan against
(xxx.xxx.xxx.xxx)
The UDP or stealth FIN/NULL/XMAS scan took 7 seconds to scan 1523 ports.
Interesting ports on (xxx.xxx.xxx.xxx):
(The 1507 ports scanned but not shown below are in state: closed)
Port State Service
22/tcp open ssh
25/tcp open smtp
37/tcp open time
80/tcp open http
111/tcp open sunrpc
119/tcp open nntp
444/tcp open snpp
515/tcp open printer
888/tcp open accessbuilder
901/tcp open samba-swat
4557/tcp open fax
4559/tcp open hylafax
6000/tcp open X11
12345/tcp open NetBus
12346/tcp open NetBus
31337/tcp open Elite

Nmap run completed -- 1 IP address (1 host up) scanned in 7 seconds


--
Togan Muftuoglu

< Previous Next >
This Thread
References