machine compromise??? port 3086 open on 2.2
Hi,
I was just running nmap on my Debian 2.2 box and noticed the following
output:
[root@herc /home/freedman]# nmap -sT osprey
Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on osprey (192.168.0.1):
Port State Protocol Service
22 open tcp ssh
25 open tcp smtp
53 open tcp domain
3086 open tcp sj3
Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
The sj3 service on port 3086 flicked into existence on this one scan but
was never in existence before or after. I didn't even know what it was! A
Google search showed it to be Kanji Character output service, or something
similar. I never explicitly installed or configured this, and have a
relatively plain-vanilla machine. Is this cause for concern? Does it
suggest my machine was compromised? What should I investigate further?
Suggestions appreciated and gratefully received.
Thanks so much,
Daniel
Reply to: