[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] rootkit?



> I checked it from home, using nmap (which isn't installed of the maschine
> in question). I thought it might be safer to check from outside.
>
> > could be that your ISP is filtering port 6667. It is commonly (ab)used
> > for IRC and therefor a fairly well known vulnerability. Some ISP's don't
> > want their customers to run servers, the only reason why you might need
> > it. As an 'ordinary' user, you wouldn't be harmed by filtering. Check
> > with your acceptable use policy of your provider.
>
> Hm, haven't thought of this yet. I'll have to check this with our ISP,
> thanx for the advice.

Hi,
however.
	netstat -anp
on the box in question, will show you soon what it is listening on and also 
assign a proccess to a) each existing connection and b) each listened-for 
connection.

Sascha

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here