Re: Are these scan logs dangerous ?
On Jul 5, 2009, at 3:26 PM, a dehqan wrote:
But about ident service ,see >
# chkconfig --level 23 identd off
identd: unknown service
But port 113 auth is open ! So which service has opened port 113 ?
Remember your initial warning messages from rhunter:
>>> [11:19:59] Checking for enabled inetd services
[ Warning ]
>>> [11:19:59] Warning: Found enabled inetd service: ident
So, inetd superserver is probably where you want to look. Either
inetd.conf or xinetd.conf or xinetd.d/* ...
But remember, there are legitimate reasons to be running ident.
Brian Bilbrey : firstname.lastname@example.org
"Regulatory science is to science as bear traps are to bears."
Dr. Jerry Pournelle