[wplug] port 1434 open?

billings at negate.org billings at negate.org
Mon Jun 23 11:14:45 EDT 2003


Try using 'lsof' to track it down.  Can you still see the port open with
nmap?  If it's a TCP port, can you telnet?  



If your system is compromised, though, you're probably not going to be
able to see it.  I suggest downloading 'chkrootkit' and running it.

http://www.chkrootkit.org/

On Mon, 2003-06-23 at 11:14, John Harrold wrote:
> Sometime in June billings at negate.org assaulted the keyboard and produced:
> 
> | You'd probably better take a look at netstat to see what process is
> | holding that port open, try 'netstat -tulp' to see all processes and the
> | tcp and udp ports that they're listening on.
> 
> it didn't show up there. any other ideas?
-- 
Jonathan S Billings <billings at negate.org>
TSFNKP



More information about the wplug mailing list