On 17 Apr 2002, Joshua Newman wrote: > So I ran nmap on my home machine feeling interested in trying out my > new security skills and what I found is not pretty. > > Basically this list reminds me of a college friend who's 10 year old > brother licked the railing all the way down the Guggenheim and then > broke out in 5 different kind of sores about 3 days later. > > I know that Trinoo_Master running on 27374 and subseven on > 27665 are both remote hacker gaping holes. I'm suspicious about other > things but does anyone recognize some of these nasty wounds > festering. > > One thing I am worried about is a keystroke monitor, because I have > used ssh to log into several over machines and am wondering if those > machines are compromised too. Port sniffers wouldn't get my password > with ssh, but a keyboard monitor would. Are keystroke monitors in > linux at the level of X or the kernel? And is anything in the list > below indicative of one? > > The list follows, and don't worry, most of the open things have been > subsequently shut. > > Go easy, my pussy is sore.
that looks rather odd. are you sure you are not running something like labrea? something that shows false positives on ports? anyways, yeah, run lsof and send the results back to the list. -- christian void - [EMAIL PROTECTED] www.morphine.com/void/ gpg key available on request _______________________________________________ Bits mailing list [EMAIL PROTECTED] http://www.sugoi.org/mailman/listinfo/bits
