Security Incidents: Re: Strange Behaviour !

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Strange Behaviour !

From: Christian Vogel <chris () obelix hedonism cx>
Date: Fri, 26 Oct 2001 20:34:50 +0200

Hi,

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:32768        0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:98              0.0.0.0:*               LISTEN


newer "net-tools" have the ability to display the process which is listening
on a specific port. As root execute "netstat -lnp" and you'll see:

[root () emil /root]# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State  PID/Program name
tcp        0      0 0.0.0.0:32768 0.0.0.0:*       LISTEN 461/rpc.statd
(...)
tcp        0      0 0.0.0.0:6000  0.0.0.0:*       LISTEN 811/X
(...)

        Chris

-- 
Everything is gone;
Your life's work has been destroyed.
Squeeze trigger (yes/no)?
-- David Carlson

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

By Date By Thread

Current thread:

Strange Behaviour ! Naseer Bhatti (Oct 26)
- Re: Strange Behaviour ! dewt (Oct 26)
  - Re: Strange Behaviour ! Naseer Bhatti (Oct 26)
- Re: Strange Behaviour ! Christian Vogel (Oct 26)