Re: port 6051: hacked?
More information would be helpful, but here is what I've seen on my
systems....
If I run nmap on my system to my outside interface, I get what I expect
(known running services), but when I run nmap from my friends system, I
also get to see all the other services that are being run by my ISP. If
you have the access to another system to run nmap from on your host,
you will probably see the same sort of thing as I have.
Could be what you are seeing here?
David
--- Ramin Motakef <ramin@motakef.de> wrote:
> Hi all,
> Todays nmap run shows me:
>
> Interesting ports on (xxxxxx):
> (The 59984 ports scanned but not shown below are in state: closed)
> Port State Service
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 53/tcp open domain
> 80/tcp open http
> 110/tcp open pop-3
> 111/tcp open sunrpc
> 143/tcp open imap2
> 199/tcp open smux
> 389/tcp open ldap
> 443/tcp open https
> 993/tcp open imaps
> 995/tcp open pop3s
> 3306/tcp open mysql
> 5432/tcp open postgres
> 6051/tcp filtered unknown <--------------
>
> fuser -v 6051/tcp gives no result.
>
> Questions:
> Am i hacked?
> Is there any other way i can tell which program is responsible for
> this port?
> What exactly is the meaning of "filtered"?
>
>
> Info:
> System is running unstable, last upgrade 07-02-2002. Kernel 2.4.5.
> chkrootkit (latest debian) shows nothing strange .
>
> Thanks,
> Ramin
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
Reply to: