I receive this log by mail from my server but dont
understand
In my /etc/hosts.deny i have :
--------------------------------------------
ALL:ALL:spawn (safe_finger -l @%h | mail -s %u-%c
root) &:banners /usr/local/etc/banners/deny
portmap: ALL This is a mail from my serveur :
--------------------------------------------
[212.184.103.11]
Login: operator Name: operator Directory: /root Shell: /bin/sh On since Mon Jan 22 08:56 (CET) on pts/0 from 212.93.151.66 41 minutes 26 seconds idle No mail. No Plan. --------------------------------------------
That this mean ? I have a back door in my serveur
?
That can i do ?
This is an nmap on my serveur
---------------------------------------------
[root@mail francois]# nmap -p 1-65000
localhost
Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on localhost (127.0.0.1): Port State Protocol Service 21 open tcp ftp 22 open tcp ssh 23 open tcp telnet 25 open tcp smtp 53 open tcp domain 110 open tcp pop-3 1543 open tcp simba-cs 3339 open tcp unknown 4181 open tcp unknown Nobody have an idea to help me ?
Thanks for all
|