machine compromise??? port 3086 open on 2.2

To: debian-user@lists.debian.org
Cc: freedman@ccmr.cornell.edu
Subject: machine compromise??? port 3086 open on 2.2
From: Daniel Freedman <freedman@ccmr.cornell.edu>
Date: Tue, 7 Nov 2000 02:43:24 -0500 (EST)
Message-id: <[🔎] Pine.LNX.4.10.10011070237430.27250-100000@gun.lassp.cornell.edu>

Hi,

I was just running nmap on my Debian 2.2 box and noticed the following
output:


[root@herc /home/freedman]# nmap -sT osprey

Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on osprey (192.168.0.1):
Port    State       Protocol  Service
22      open        tcp        ssh             
25      open        tcp        smtp            
53      open        tcp        domain          
3086    open        tcp        sj3             

Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds


The sj3 service on port 3086 flicked into existence on this one scan but
was never in existence before or after.  I didn't even know what it was! A
Google search showed it to be Kanji Character output service, or something
similar.  I never explicitly installed or configured this, and have a
relatively plain-vanilla machine.  Is this cause for concern?  Does it
suggest my machine was compromised?  What should I investigate further?

Suggestions appreciated and gratefully received.

Thanks so much,

Daniel

Reply to:

Follow-Ups:
- Re: machine compromise??? port 3086 open on 2.2
  - From: Damien <bitwise@repose.cx>
- Re: machine compromise??? port 3086 open on 2.2
  - From: Moritz Schulte <tux@gmx.li>
- Re: machine compromise??? port 3086 open on 2.2
  - From: kmself@ix.netcom.com
- Re: machine compromise??? port 3086 open on 2.2
  - From: 510064901071-0001@t-online.de (Timo Benk)

Prev by Date: Re: audio in
Next by Date: Re: exmh(exim) problem
Previous by thread: Re: Vim's background colour
Next by thread: Re: machine compromise??? port 3086 open on 2.2
Index(es):
- Date
- Thread