You better closedown port 111, this is popular port for hackers. And if you do not use mysql also close port 3306 Wilco -----Original Message----- From: S.Zaytsev [mailto:zse@maris.ru] Sent: Friday, March 15, 2002 3:07 PM To: security-discuss@linuxsecurity.com Subject: Re: Strange Ports !!! Hi ! try netstat -anp | grep 862 try netstat -anp | grep 956 try netstat -anp | grep 957 Regards, ZSE ----- Original Message ----- From: "Tiago Fioreze" <tapera@inf.ufsm.br> To: <security-discuss@linuxsecurity.com> Sent: Friday, March 15, 2002 4:58 PM Subject: Strange Ports !!! > > > Hi !!! > > I'am observing that my web server has some 'strange' ports. The program > nmap showed the following : > > Port State Service > 22/tcp open ssh > 25/tcp open smtp > 80/tcp open http > 111/tcp open sunrpc > 443/tcp open https > --> 862/tcp open unknown > --> 956/tcp open unknown > --> 957/tcp open unknown > 2401/tcp open cvspserver > 3306/tcp open mysql > 8080/tcp open http-proxy > 32770/tcp open sometimes-rpc3 > > I consulted in the web about these three strange ports, and the answer > that I get was 'Unassigned' > > I would like to know what to make in a case of these, when strange > ports appear in the machines of my network ? > > Thanks a lot ! > > Tiago Fioreze > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
