Re: other mysterious port things
I'm a disquette with this utilities clean.
#mount /dev/fd0 /floppy
Ken Seefried wrote:
> Tim Haynes writes:
> > <sigh> Why do people persist in using nmap at test phase? Sure, if you've
> > been cracked, scan yourself if you want, but if you're looking to see `what
> > do I have open?' then nmap is the *last* tool I'd use.
> > Go back to
> > sudo netstat -plan | grep LIST
> Well...that would be incorrect. If you have been cracked, or suspect you
> might have, then you cannot completely rely on the output of netstat, ps,
> lsof, etc. Many of the rootkits I've seen quite effectively hide themselves
> behind trojan utilities and shared libs, making detection by such casual
> methods as you indicate difficult.
> An acurrate assessment requires more than a single tool.
> Ken Seefried, CISSP
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com