[wplug] port 1434 open?
John Harrold
jmh17 at pitt.edu
Mon Jun 23 11:34:44 EDT 2003
Sometime in June billings at negate.org assaulted the keyboard and produced:
| Try using 'lsof' to track it down. Can you still see the port open with
| nmap? If it's a TCP port, can you telnet?
|
|
|
| If your system is compromised, though, you're probably not going to be
| able to see it. I suggest downloading 'chkrootkit' and running it.
|
| http://www.chkrootkit.org/
i ran chkrootkit and it didn't find anything. i think alex is right. i was
running nmap from my home computer on a box at school. when i run it on
localhost on the school computer the 1434 port doesn't show up. also when i
run it from other computers at school it doesn't show up. this is a filter
placed on the schools routers due to the slammer worm.
--
--------------------------------------------------------------------------
| /"\
john harrold | \ / ASCII ribbon campaign
jmh at member.fsf.org | X against HTML mail
the most useful idiot | / \
--------------------------------------------------------------------------
What difference does it make to the dead, the orphans, and the homeless,
whether the mad destruction is brought under the name of totalitarianism or
the holy name of liberty and democracy?
--Gandhi
--------------------------------------------------------------------------
gpg --keyserver keys.indymedia.org --recv-key F65A739E
--------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://penguin.wplug.org/pipermail/wplug/attachments/20030623/f038f588/attachment-0001.bin
More information about the wplug
mailing list