Re: netstat output evidence of a cracker?

To: debian-user <debian-user@lists.debian.org>
Subject: Re: netstat output evidence of a cracker?
From: Ralph Katz <ralph.katz@rcn.com>
Date: Sat, 10 Nov 2007 17:34:46 -0500
Message-id: <[🔎] 47363206.9090000@rcn.com>
In-reply-to: <[🔎] 1194730850.8046.9.camel@localhost.localdomain>
References: <[🔎] 4735A80D.3080108@cyberspaceroad.com> <[🔎] 1194730850.8046.9.camel@localhost.localdomain>

On 11/10/2007 04:40 PM, Gabriel Parrondo wrote:
> El sáb, 10-11-2007 a las 12:46 +0000, Adam Hardy escribió:
> [...]
>> I can't see anything running on the server now that might be using those 
>> ports, but then if it's rootkitted, I wouldn't would I? Is there a 
>> website out there that I can use from outside my firewall which I can 
>> get a good look at those ports with? Or some other approach?
> 
> There's a site called Shields-up that does what you need.
> 

Shields-up is on grc.com, use for port scans.  Example,
http://www.grc.com/port_21.htm will proble port 21 when you click, or
use directly: https://www.grc.com/x/portprobe=21

The Shields-up link probes multiple ports.  Or use nmap from another box
or ask here for someone to scan you.

Ralph

Reply to:

References:
- netstat output evidence of a cracker?
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: netstat output evidence of a cracker?
  - From: Gabriel Parrondo <g.parrondo@gmail.com>

Prev by Date: Re: what's your favourite FLOSS?
Next by Date: Re: File permissions messed up in /var and /tmp
Previous by thread: Re: netstat output evidence of a cracker?
Next by thread: Re: netstat output evidence of a cracker?
Index(es):
- Date
- Thread