On Sat, Apr 21, 2001 at 03:47:59AM -0400, hpknight wrote: > > Then I did a "find / -inum 127022" but there is no file with that > > inode. Uh oh. That can't be good either. The firewall runs an old redhat > > 6.2 install (haven't converted everything to debian, but I'm working on > > it!) with most everything turned off, as seen from the netstat output. > > A faster way to find out what is using that port would be lsof. For > example: > > lsof -i udp:1112 > Thanks, I've used lsof but didn't realize it applied to network connections as well. > Do you log any OUTGOING packets? > No, but I will try to get some nifty rules set up know that you mention it. The firewall itself should never make outgoing connections, so I can start there. > I know rpm has some verify functions that will help pick out binaries that > have been modified from their original state. Maybe it's just time to > wipe the system clean and install Debian ;) > And that really is the bottom line. Time to install Debian.......... -- Jonathan Freiermuth jon@gnatfart.com
Attachment:
pgpdwUQb59bmd.pgp
Description: PGP signature