I found out what happened. Someone started a in.inetd in rc.sysinit what
this in.inetd does is run a BSD rexecd which opens the 510 port . The
ass*(&^*le even replaced my ls with a hacked one that if you do a ls -l on
/usr/sbin it will not show that in.inetd. Thanks for all the support and
suggestions :)
----- Original Message -----
From: neuroticimbecile <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, December 05, 2000 3:01 AM
Subject: Re: [plug] portscan
>
> On Tue, 05 Dec 2000, you wrote:
> > how does one remove such a port number? if its not in the inetd or
such?
>
> you have to kill the program which is listening on that port.
> or better yet, install ipchains and block all unused ports.
>
> hth,
> -eric
> --
> .--. Enrique D. Rosel II office://+63.2.894.3592/
> ( () ) Q Linux Solutions, Inc.
> `--\\ A Philippine Open Source Solutions Co. http://www.q-linux.com/
>
> _
> Philippine Linux Users Group. Web site and archives at
http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
