[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Hacker activity?
- Subject: Re: [cobalt-security] Hacker activity?
- From: John Sim <johns@xxxxxxxxx>
- Date: Mon, 26 Feb 2001 09:40:51 +0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Wed, Feb 21, 2001 at 10:18:39AM -0000, Drage, Nicholas wrote:
>
> Don't worry Rodrigo, these "hits" are merely your RaQ monitoring its
> services to see if they are still up and listening.
>
> "127.0.0.1" refers to localhost, the host itself, in all TCP/IP
> implementations ( as far as I'm aware anyway ). Might be worth you reading
> a TCP/IP primer or two.
>
> Prompts a thought though, on the local machine surely there's an easier way
> to see if a port is listening that to make a TCP/IP connection to it?
Well, depends on what kind of monitoring you want. You could check the
deamon/service was running, but this does not show that it is actually
binding to a port. You could [as suggested] use netstat [or lsof] output to
check if a port was listed as "listening".
IIRC the monitoring is done this way to check that sensible data can be
fetched from the service so that a near certain "it's working, look I got
data!" style test can be performed.
--
John Sim
Systems Administrator
Interactive Services o
Demon Internet @ Thus o o