> -----Original Message----- > From: shrike-list-admin@xxxxxxxxxx > [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of Jake McHenry > Sent: Sunday, October 12, 2003 12:02 AM > To: shrike-list@xxxxxxxxxx > Subject: RE: Port Question > > > > -----Original Message----- > > From: shrike-list-admin@xxxxxxxxxx > > [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of jdow > > Sent: Saturday, October 11, 2003 11:39 PM > > To: shrike-list@xxxxxxxxxx > > Subject: Re: Port Question > > > > > > Jake, that's "chkrootkit" rather than "chkconfig". They have > > two quite different functions. He should look for it (for > > RH9) here: > > http://download.fedora.us/fedora/redhat/9/i386/RPMS.stable/chk > rootkit-0.42-0.fdr.1.b.rh90.i386.rpm > > Change directories modulo what version you are running. > > {^_-} > ----- Original Message ----- > From: "Jake McHenry" <linux@xxxxxxxxxxxxxxxxx> > > > Jake McHenry > > > > -----Original Message----- > > > From: shrike-list-admin@xxxxxxxxxx > > > [mailto:shrike-list-admin@xxxxxxxxxx] On Behalf Of Michael > Schwendt > > > Sent: Saturday, October 11, 2003 10:22 PM > > > To: shrike-list@xxxxxxxxxx > > > Subject: Re: Port Question > > > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > On Sat, 11 Oct 2003 22:11:37 -0400, Jake McHenry wrote: > > > > > > > I have vsftpd as my ftp server. I don't have any files on my > > system > > > > called chkrootkit. > > > > > > You can download a ready-to-use chkconfig rpm from > http://fedora.us > > > -- > Shrike-list mailing list > Shrike-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/shrike-list > > > I think everthing is fine. Here is the output: > The only thing I don't know about is xinetd running on 50629 and named > running on 58861. Ports 616 and 618 are drac. > > I'll have to get those packages and let you know, unless someone knows > of xinetd and named running on those ports.. I don't really want to > install anything new, the machine is working just fine. > > > Jake > > > [root@ntlh root]# netstat -anp > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address > State PID/Program name > tcp 0 0 127.0.0.1:50629 0.0.0.0:* > LISTEN 30519/xinetd > tcp 0 0 0.0.0.0:618 0.0.0.0:* > LISTEN 28423/rpc.dracd > tcp 0 0 0.0.0.0:110 0.0.0.0:* > LISTEN 30519/xinetd > tcp 0 0 0.0.0.0:143 0.0.0.0:* > LISTEN 30519/xinetd > tcp 0 0 0.0.0.0:111 0.0.0.0:* > LISTEN 17774/portmap > tcp 0 0 0.0.0.0:80 0.0.0.0:* > LISTEN 7934/httpd > tcp 0 0 192.168.1.98:53 0.0.0.0:* > LISTEN 6408/named > tcp 0 0 127.0.0.1:53 0.0.0.0:* > LISTEN 6408/named > tcp 0 0 0.0.0.0:21 0.0.0.0:* > LISTEN 590/vsftpd > tcp 0 0 0.0.0.0:22 0.0.0.0:* > LISTEN 552/sshd > tcp 0 0 127.0.0.1:953 0.0.0.0:* > LISTEN 6408/named > tcp 0 0 0.0.0.0:25 0.0.0.0:* > LISTEN 29975/sendmail: acc > tcp 0 48 192.168.1.98:22 24.229.162.18:4078 > ESTABLISHED 24724/sshd > tcp 0 0 192.168.1.98:110 24.229.162.18:4140 > TIME_WAIT - > tcp 0 0 192.168.1.98:110 24.229.162.18:4139 > TIME_WAIT - > tcp 0 0 192.168.1.98:110 24.229.162.18:4133 > TIME_WAIT - > udp 0 0 192.168.1.98:53 0.0.0.0:* > 6408/named > udp 0 0 127.0.0.1:53 0.0.0.0:* > 6408/named > udp 0 0 0.0.0.0:616 0.0.0.0:* > 28423/rpc.dracd > udp 0 0 0.0.0.0:58861 0.0.0.0:* > 6408/named > udp 0 0 0.0.0.0:111 0.0.0.0:* > 17774/portmap > udp 0 0 192.168.1.98:123 0.0.0.0:* > 436/ntpd > udp 0 0 127.0.0.1:123 0.0.0.0:* > 436/ntpd > udp 0 0 0.0.0.0:123 0.0.0.0:* > 436/ntpd > > > -- > Shrike-list mailing list > Shrike-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/shrike-list > There has been some output of tethereal on port 58861. I shut down named and xinetd services, the ports went away. The only thing I have enabled in xinetd is fam, imap, and qpopper. Jake -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
