[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] socks & sunrpc on a netstat?
- Subject: Re: [cobalt-security] socks & sunrpc on a netstat?
- From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
- Date: Sun, 22 Apr 2001 02:10:31 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> you didn't mention which cobalt product you are running,
My apologies! I'm worrying over a RaQ4r.
> but I don't
> think that matters... i never saw any linux listening on the SOCKS
port by
> default (nor having a software to do that by default)
Ack.
> Don't think the ASP did it, unless when designed by Microsoft with
their
> IIS they officially decided to avoid standards and got it to listen
to a
> port already "registered" by another service.
So now I'm worried that I'm hacked. Well, I was worried about that
anyway because I've never seen those before in a netstat. :)
> Use netstat -pl [as root] - you'll see what programs listen on all
the
> ports - unlike a netstat without parms, which only givens you the
*active*
> connections (your machine can listen on ALL ports and it won't show
it!)
Whoa! *blinks at her screen*
Thank you for that command, had never seen all of that before.
Would anyone kill me if I posted my result to the list? (It's kinda
long.)
> Also, sunrpc is a big headache - tons of security issues, even if
it's
> legit, i would close it...
Umm, I would if I knew how? *meek smile*
I tried 'man sunrpc' and my lovely blue headache told me to go pound
sand. I'll try digging through the archives, though (I do try to RTFM
when I have an inkling on what to look for.)
Thank you Shimi!
CarrieB