On Sun, Apr 14, 2002 at 09:51:18AM -0500, David wrote: > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > raw 0 0 0.0.0.0:1 0.0.0.0:* 7 > - > raw 0 0 0.0.0.0:6 0.0.0.0:* 7 > - These are not services listening on ports 1 and 6. Look in the left column, where it says "raw". The lines above indicate that you have something listening for raw ICMP (protocol 1) and TCP (proto 6) packets coming from any remote address to any local address. Are you running something like portsentry, ippl, or iplogger? If so, that's what you're seeing. > > Also, can any of the Unix domain sockets be exploited? > Certainly not remotely; they're a local communication channel. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpZ9E0a7LETD.pgp
Description: PGP signature