Re: [cobalt-security] Just a query

[Alan MacDonald <webmaster@xxxxxxxxxxxxxxx>]

hi,

Did that, and both outputs are pretty much identical, barring missing 
PID/Program name column and path information on the netstat an version. 
There were the same number of processes in both reports, both in Active 
Internet Connections and Active UNIX domain sockets.

My own research has found :

http://archives.neohapsis.com/archives/linux/suse/2000-q4/1072.html

qote from it:

>netstat cannot identify rpc services presented by the kernel. Check
>rpcinfo -p. This should account for the unidentified ports.

I don't know if it's relevant

At 14:53 10/07/2002 +0200, you wrote:
> On Wed, 10 Jul 2002 13:31:22 +0100, you wrote:
>
> >On my regular run through the server, while logged in as root, I got this,
> >should I be worried? I mean, I am logged in as root, and it says it won't
> >show all processes, unless I'm root?
> >
> >[root root]# netstat -anp
> >(Not all processes could be identified, non-owned process info
> >  will not be shown, you would have to be root to see it all.)
>
> hi
> compare your "netstat -anp" output with "netstat -an" (given you do both 
> in a reasonable timeframe - eg. seconds between both calls) - then you 
> should see what ports you're missing out and don't get shown to you.
>
> hk
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security