There are probably rpc.mountd, rpc.statd, rpc.quotad, and etc from the
nfs/portmapper packages. Try running an lsof on the machine that is
listening to see what has the port open... Example:
lsof -i :862 | grep LISTEN
will show the process that has a port open and listening on your
machine.
--robert
On Fri, 2002-03-15 at 07:58, Tiago Fioreze wrote:
>
>
> Hi !!!
>
> I'am observing that my web server has some 'strange' ports. The program
> nmap showed the following :
>
> Port State Service
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 111/tcp open sunrpc
> 443/tcp open https
> --> 862/tcp open unknown
> --> 956/tcp open unknown
> --> 957/tcp open unknown
> 2401/tcp open cvspserver
> 3306/tcp open mysql
> 8080/tcp open http-proxy
> 32770/tcp open sometimes-rpc3
>
> I consulted in the web about these three strange ports, and the answer
> that I get was 'Unassigned'
>
> I would like to know what to make in a case of these, when strange
> ports appear in the machines of my network ?
>
> Thanks a lot !
>
> Tiago Fioreze
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
