22 (ssh) 25 (smtp) 113 (pop-3)
Now, I'm very sure that I only started the sshd daemon and I DON'T even have an smtp/pop3/any kind of mail server installed. Running "netstat -l -p --inet" gives:
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:sunrpc *:* LISTEN 5168/portmap tcp 0 0 localhost:731 *:* LISTEN 5219/fam udp 0 0 *:sunrpc *:* 5168/portmap tcp 0 0 *:ssh *:* LISTEN 6564/sshd
I don't see port 25 or 113 open, but why does nmap list them as so? Blocking the ports with iptables would probably solve the problem, but to get to the root of it, would tracking the daemons responsible for opening them be a better solution? How should I go about doing it then?
Thanks for all comments and feedback!
-- [EMAIL PROTECTED] mailing list
