That site is a good start. then from there I like to check the
/var/log directory, run dmesg and see if the port was ever put in
listening mode. Bring over a clean ps, ls, du, df, lsof, netstat and
from there you can start to get a real picture of the machine.