Hi,
Thanks for your reply
Attached the ouput of
Many thanks
On 05/07/2013 07:50 PM, Yago Jesus wrote:
Hi,
Could you provide us the output of:
ss -lt
netstat -tanp
lsof +c 0 -iTCP | grep -i liste
Thank you !!
2013/5/6 W Forum W <wfor...@gmail.com <mailto:wfor...@gmail.com>>
Hi,
I have 2 identically installed servers (debian wheezy) with the
same version of rkhunter (1.4.0-1)
one of the servers gives a warning
/Warning: Hidden ports found:
Port number: TCP:769/
If I check the port on both server, the state of the port is the same
/PORT STATE SERVICE
769/tcp closed vid/
Why give one server a warning and the other not.
Do I overlook something?
Many thanks
------------------------------------------------------------------------------
Introducing AppDynamics Lite, a free troubleshooting tool for
Java/.NET
Get 100% visibility into your production application - at no cost.
Code-level diagnostics for performance bottlenecks with <2% overhead
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
<mailto:Rkhunter-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
ss -lt
---------
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 64 :::41268 :::*
LISTEN 0 128 127.0.0.1:6037 *:*
LISTEN 0 128 ::1:6037 :::*
LISTEN 0 128 127.0.0.1:6038 *:*
LISTEN 0 128 ::1:6038 :::*
LISTEN 0 128 :::ssh :::*
LISTEN 0 128 *:ssh *:*
LISTEN 0 128 :::ipp :::*
LISTEN 0 128 *:ipp *:*
LISTEN 0 100 127.0.0.1:smtp *:*
LISTEN 0 128 127.0.0.1:6010 *:*
LISTEN 0 128 ::1:6010 :::*
LISTEN 0 128 127.0.0.1:6011 *:*
LISTEN 0 128 ::1:6011 :::*
LISTEN 0 128 127.0.0.1:6012 *:*
LISTEN 0 128 ::1:6012 :::*
LISTEN 0 128 127.0.0.1:6013 *:*
LISTEN 0 128 ::1:6013 :::*
LISTEN 0 128 127.0.0.1:6014 *:*
LISTEN 0 128 ::1:6014 :::*
LISTEN 0 128 127.0.0.1:6015 *:*
LISTEN 0 128 ::1:6015 :::*
LISTEN 0 128 127.0.0.1:6016 *:*
LISTEN 0 128 ::1:6016 :::*
LISTEN 0 128 127.0.0.1:6017 *:*
LISTEN 0 128 ::1:6017 :::*
LISTEN 0 128 127.0.0.1:6018 *:*
LISTEN 0 128 ::1:6018 :::*
LISTEN 0 5 *:nrpe *:*
LISTEN 0 128 127.0.0.1:6019 *:*
LISTEN 0 128 ::1:6019 :::*
LISTEN 0 128 127.0.0.1:6020 *:*
LISTEN 0 128 ::1:6020 :::*
LISTEN 0 128 127.0.0.1:6021 *:*
LISTEN 0 128 ::1:6021 :::*
LISTEN 0 128 127.0.0.1:6022 *:*
LISTEN 0 128 ::1:6022 :::*
LISTEN 0 64 :::57542 :::*
LISTEN 0 128 127.0.0.1:6023 *:*
LISTEN 0 128 ::1:6023 :::*
LISTEN 0 128 127.0.0.1:6024 *:*
LISTEN 0 128 ::1:6024 :::*
LISTEN 0 64 *:50664 *:*
LISTEN 0 128 127.0.0.1:6025 *:*
LISTEN 0 128 ::1:6025 :::*
LISTEN 0 128 127.0.0.1:6026 *:*
LISTEN 0 128 ::1:6026 :::*
LISTEN 0 128 :::57355 :::*
LISTEN 0 128 127.0.0.1:6029 *:*
LISTEN 0 128 ::1:6029 :::*
LISTEN 0 128 127.0.0.1:6030 *:*
LISTEN 0 128 ::1:6030 :::*
LISTEN 0 64 *:49326 *:*
LISTEN 0 128 *:48271 *:*
LISTEN 0 128 :::sunrpc :::*
LISTEN 0 128 *:sunrpc *:*
netstat -tanp
---------
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
tcp 0 0 127.0.0.1:6037 0.0.0.0:* LISTEN
3914/28
tcp 0 0 127.0.0.1:6038 0.0.0.0:* LISTEN
4284/29
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
27178/sshd
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
3121/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
3165/user1ter
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
3632/0
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN
13230/1
tcp 0 0 127.0.0.1:6012 0.0.0.0:* LISTEN
4292/2
tcp 0 0 127.0.0.1:6013 0.0.0.0:* LISTEN
4459/3
tcp 0 0 127.0.0.1:6014 0.0.0.0:* LISTEN
4612/4
tcp 0 0 127.0.0.1:6015 0.0.0.0:* LISTEN
4763/5
tcp 0 0 127.0.0.1:6016 0.0.0.0:* LISTEN
4914/7
tcp 0 0 127.0.0.1:6017 0.0.0.0:* LISTEN
5065/8
tcp 0 0 127.0.0.1:6018 0.0.0.0:* LISTEN
5216/9
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
2723/nrpe
tcp 0 0 127.0.0.1:6019 0.0.0.0:* LISTEN
5367/10
tcp 0 0 127.0.0.1:6020 0.0.0.0:* LISTEN
5533/11
tcp 0 0 127.0.0.1:6021 0.0.0.0:* LISTEN
5684/12
tcp 0 0 127.0.0.1:6022 0.0.0.0:* LISTEN
5835/13
tcp 0 0 127.0.0.1:6023 0.0.0.0:* LISTEN
5986/14
tcp 0 0 127.0.0.1:6024 0.0.0.0:* LISTEN
6137/15
tcp 0 0 0.0.0.0:50664 0.0.0.0:* LISTEN
-
tcp 0 0 127.0.0.1:6025 0.0.0.0:* LISTEN
6290/16
tcp 0 0 127.0.0.1:6026 0.0.0.0:* LISTEN
6441/17
tcp 0 0 127.0.0.1:6029 0.0.0.0:* LISTEN
788/20
tcp 0 0 127.0.0.1:6030 0.0.0.0:* LISTEN
3353/21
tcp 0 0 0.0.0.0:49326 0.0.0.0:* LISTEN
-
tcp 0 0 0.0.0.0:48271 0.0.0.0:* LISTEN
2090/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
2045/rpcbind
tcp 0 0 192.168.51.122:768 192.168.51.127:2049 ESTABLISHED
-
tcp 0 0 10.0.0.122:22 10.0.0.87:53398 ESTABLISHED
3629/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52918 ESTABLISHED
5984/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52921 ESTABLISHED
6439/sshd: user1 [pri
tcp 0 0 192.168.51.122:892 192.168.51.243:2049 ESTABLISHED
-
tcp 0 0 10.0.0.122:22 10.0.0.87:52914 ESTABLISHED
5365/sshd: user1 [pri
tcp 0 0 10.0.0.122:49055 10.0.0.24:636 ESTABLISHED
4289/sshd: user1 [pri
tcp 0 0 10.0.0.122:49073 10.0.0.24:636 ESTABLISHED
5682/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52920 ESTABLISHED
6287/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:53481 ESTABLISHED
786/sshd: user1 [priv
tcp 0 0 10.0.0.122:22 10.0.0.87:52912 ESTABLISHED
5063/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52907 ESTABLISHED
4289/sshd: user1 [pri
tcp 0 0 192.168.51.122:835 192.168.51.124:2049 ESTABLISHED
-
tcp 0 48 10.0.0.122:22 10.0.0.226:48380 ESTABLISHED
13212/sshd: user3 [p
tcp 0 0 10.0.0.122:54472 10.0.0.24:636 ESTABLISHED
4282/sshd: user2 [pri
tcp 0 0 10.0.0.122:49077 10.0.0.24:636 ESTABLISHED
5984/sshd: user1 [pri
tcp 0 0 10.0.0.122:49063 10.0.0.24:636 ESTABLISHED
4912/sshd: user1 [pri
tcp 0 0 10.0.0.122:55921 10.0.0.24:636 ESTABLISHED
3344/sshd: user1 [pri
tcp 0 0 10.0.0.122:34975 10.0.0.24:636 ESTABLISHED
786/sshd: user1 [priv
tcp 0 0 10.0.0.122:22 10.0.0.87:52913 ESTABLISHED
5214/sshd: user1 [pri
tcp 0 0 10.0.0.122:49061 10.0.0.24:636 ESTABLISHED
4761/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52911 ESTABLISHED
4912/sshd: user1 [pri
tcp 0 0 10.0.0.122:49075 10.0.0.24:636 ESTABLISHED
5833/sshd: user1 [pri
tcp 0 0 10.0.0.122:52717 10.0.0.24:636 ESTABLISHED
2664/nscd
tcp 0 0 10.0.0.122:22 10.0.0.87:52909 ESTABLISHED
4610/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.91:47287 ESTABLISHED
3912/sshd: user2 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52915 ESTABLISHED
5531/sshd: user1 [pri
tcp 0 0 10.0.0.122:49069 10.0.0.24:636 ESTABLISHED
5365/sshd: user1 [pri
tcp 0 0 10.0.0.122:49083 10.0.0.24:636 ESTABLISHED
6439/sshd: user1 [pri
tcp 0 0 10.0.0.122:49071 10.0.0.24:636 ESTABLISHED
5531/sshd: user1 [pri
tcp 0 0 10.0.0.122:54099 10.0.0.24:636 ESTABLISHED
2158/rpc.idmapd
tcp 0 0 10.0.0.122:49065 10.0.0.24:636 ESTABLISHED
5063/sshd: user1 [pri
tcp 0 0 192.168.51.122:913 192.168.51.134:2049 ESTABLISHED
-
tcp 0 0 10.0.0.122:22 10.0.0.87:52908 ESTABLISHED
4457/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:53000 ESTABLISHED
3344/sshd: user1 [pri
tcp 0 0 10.0.0.122:49067 10.0.0.24:636 ESTABLISHED
5214/sshd: user1 [pri
tcp 0 0 10.0.0.122:57300 10.0.0.24:636 ESTABLISHED
3629/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52916 ESTABLISHED
5682/sshd: user1 [pri
tcp 0 0 10.0.0.122:49059 10.0.0.24:636 ESTABLISHED
4610/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52919 ESTABLISHED
6135/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52917 ESTABLISHED
5833/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.87:52910 ESTABLISHED
4761/sshd: user1 [pri
tcp 0 0 192.168.51.122:932 192.168.51.99:2049 ESTABLISHED
-
tcp 0 0 10.0.0.122:49057 10.0.0.24:636 ESTABLISHED
4457/sshd: user1 [pri
tcp 0 0 10.0.0.122:22 10.0.0.91:47288 ESTABLISHED
4282/sshd: user2 [pri
tcp 0 0 10.0.0.122:54469 10.0.0.24:636 ESTABLISHED
3912/sshd: user2 [pri
tcp 0 0 10.0.0.122:49081 10.0.0.24:636 ESTABLISHED
6287/sshd: user1 [pri
tcp 0 0 10.0.0.122:49079 10.0.0.24:636 ESTABLISHED
6135/sshd: user1 [pri
tcp6 0 0 :::41268 :::* LISTEN
-
tcp6 0 0 ::1:6037 :::* LISTEN
3914/28
tcp6 0 0 ::1:6038 :::* LISTEN
4284/29
tcp6 0 0 :::22 :::* LISTEN
27178/sshd
tcp6 0 0 :::631 :::* LISTEN
3121/cupsd
tcp6 0 0 ::1:6010 :::* LISTEN
3632/0
tcp6 0 0 ::1:6011 :::* LISTEN
13230/1
tcp6 0 0 ::1:6012 :::* LISTEN
4292/2
tcp6 0 0 ::1:6013 :::* LISTEN
4459/3
tcp6 0 0 ::1:6014 :::* LISTEN
4612/4
tcp6 0 0 ::1:6015 :::* LISTEN
4763/5
tcp6 0 0 ::1:6016 :::* LISTEN
4914/7
tcp6 0 0 ::1:6017 :::* LISTEN
5065/8
tcp6 0 0 ::1:6018 :::* LISTEN
5216/9
tcp6 0 0 ::1:6019 :::* LISTEN
5367/10
tcp6 0 0 ::1:6020 :::* LISTEN
5533/11
tcp6 0 0 ::1:6021 :::* LISTEN
5684/12
tcp6 0 0 ::1:6022 :::* LISTEN
5835/13
tcp6 0 0 :::57542 :::* LISTEN
-
tcp6 0 0 ::1:6023 :::* LISTEN
5986/14
tcp6 0 0 ::1:6024 :::* LISTEN
6137/15
tcp6 0 0 ::1:6025 :::* LISTEN
6290/16
tcp6 0 0 ::1:6026 :::* LISTEN
6441/17
tcp6 0 0 :::57355 :::* LISTEN
2090/rpc.statd
tcp6 0 0 ::1:6029 :::* LISTEN
788/20
tcp6 0 0 ::1:6030 :::* LISTEN
3353/21
tcp6 0 0 :::111 :::* LISTEN
2045/rpcbind
tcp6 0 0 ::1:50417 ::1:6025 ESTABLISHED
24525/ssh
tcp6 0 0 ::1:6022 ::1:35932 ESTABLISHED
5835/13
tcp6 0 0 ::1:6020 ::1:43730 ESTABLISHED
5533/11
tcp6 0 0 ::1:36416 ::1:6038 ESTABLISHED
4438/dbus-launch
tcp6 0 0 ::1:58925 ::1:6021 ESTABLISHED
14879/nedit
tcp6 0 0 ::1:36415 ::1:6038 ESTABLISHED
4438/dbus-launch
tcp6 0 0 ::1:52493 ::1:6024 ESTABLISHED
12326/nedit
tcp6 0 0 ::1:6038 ::1:36416 ESTABLISHED
4284/29
tcp6 0 0 ::1:60491 ::1:6019 ESTABLISHED
22397/nedit
tcp6 0 0 ::1:6010 ::1:49411 ESTABLISHED
3632/0
tcp6 0 0 ::1:6019 ::1:40385 ESTABLISHED
5367/10
tcp6 0 0 ::1:6020 ::1:43890 ESTABLISHED
5533/11
tcp6 0 0 ::1:43890 ::1:6020 ESTABLISHED
16890/nedit
tcp6 0 0 ::1:51250 ::1:6020 ESTABLISHED
26935/nedit
tcp6 0 0 ::1:49411 ::1:6010 ESTABLISHED
16954/nedit
tcp6 0 0 ::1:6025 ::1:50417 ESTABLISHED
6290/16
tcp6 0 0 ::1:6019 ::1:60491 ESTABLISHED
5367/10
tcp6 0 0 ::1:56335 ::1:6024 ESTABLISHED
17296/nedit
tcp6 0 0 ::1:6024 ::1:52493 ESTABLISHED
6137/15
tcp6 0 0 ::1:6020 ::1:51250 ESTABLISHED
5533/11
tcp6 0 0 ::1:6021 ::1:58925 ESTABLISHED
5684/12
tcp6 0 0 ::1:6024 ::1:56335 ESTABLISHED
6137/15
tcp6 0 0 ::1:35932 ::1:6022 ESTABLISHED
2132/nedit
tcp6 0 0 ::1:40385 ::1:6019 ESTABLISHED
20591/nedit
tcp6 0 0 ::1:43730 ::1:6020 ESTABLISHED
8340/nedit
tcp6 0 0 ::1:6038 ::1:36415 ESTABLISHED
4284/29
lsof +c 0 -iTCP | grep -i liste
---------
shd 788 user1 9u IPv6 29838345 0t0 TCP localhost:6029
(LISTEN)
sshd 788 user1 10u IPv4 29838346 0t0 TCP localhost:6029
(LISTEN)
rpcbind 2045 root 8u IPv4 4362 0t0 TCP *:sunrpc (LISTEN)
rpcbind 2045 root 11u IPv6 4369 0t0 TCP *:sunrpc (LISTEN)
rpc.statd 2090 statd 8u IPv4 1594 0t0 TCP *:48271 (LISTEN)
rpc.statd 2090 statd 10u IPv6 5567 0t0 TCP *:57355 (LISTEN)
nrpe 2723 nagios 4u IPv4 13365 0t0 TCP *:nrpe (LISTEN)
cupsd 3121 root 6u IPv4 32639445 0t0 TCP *:ipp (LISTEN)
cupsd 3121 root 9u IPv6 32639446 0t0 TCP *:ipp (LISTEN)
user1ter 3165 root 12u IPv4 13457 0t0 TCP localhost:smtp
(LISTEN)
sshd 3353 user1 9u IPv6 27501206 0t0 TCP localhost:6030
(LISTEN)
sshd 3353 user1 10u IPv4 27501207 0t0 TCP localhost:6030
(LISTEN)
sshd 3632 user1 9u IPv6 29458125 0t0 TCP localhost:6010
(LISTEN)
sshd 3632 user1 10u IPv4 29458126 0t0 TCP localhost:6010
(LISTEN)
sshd 3914 user2 9u IPv6 33113971 0t0 TCP localhost:6037
(LISTEN)
sshd 3914 user2 10u IPv4 33113972 0t0 TCP localhost:6037
(LISTEN)
sshd 4284 user2 9u IPv6 33121353 0t0 TCP localhost:6038
(LISTEN)
sshd 4284 user2 10u IPv4 33121354 0t0 TCP localhost:6038
(LISTEN)
sshd 4292 user1 9u IPv6 26918607 0t0 TCP localhost:6012
(LISTEN)
sshd 4292 user1 10u IPv4 26918608 0t0 TCP localhost:6012
(LISTEN)
sshd 4459 user1 9u IPv6 26918653 0t0 TCP localhost:6013
(LISTEN)
sshd 4459 user1 10u IPv4 26918654 0t0 TCP localhost:6013
(LISTEN)
sshd 4612 user1 9u IPv6 26912422 0t0 TCP localhost:6014
(LISTEN)
sshd 4612 user1 10u IPv4 26912423 0t0 TCP localhost:6014
(LISTEN)
sshd 4763 user1 9u IPv6 26918744 0t0 TCP localhost:6015
(LISTEN)
sshd 4763 user1 10u IPv4 26918745 0t0 TCP localhost:6015
(LISTEN)
sshd 4914 user1 9u IPv6 26916443 0t0 TCP localhost:6016
(LISTEN)
sshd 4914 user1 10u IPv4 26916444 0t0 TCP localhost:6016
(LISTEN)
sshd 5065 user1 9u IPv6 26916496 0t0 TCP localhost:6017
(LISTEN)
sshd 5065 user1 10u IPv4 26916497 0t0 TCP localhost:6017
(LISTEN)
sshd 5216 user1 9u IPv6 26918855 0t0 TCP localhost:6018
(LISTEN)
sshd 5216 user1 10u IPv4 26918856 0t0 TCP localhost:6018
(LISTEN)
sshd 5367 user1 9u IPv6 26921994 0t0 TCP localhost:6019
(LISTEN)
sshd 5367 user1 10u IPv4 26921995 0t0 TCP localhost:6019
(LISTEN)
sshd 5533 user1 9u IPv6 26916585 0t0 TCP localhost:6020
(LISTEN)
sshd 5533 user1 10u IPv4 26916586 0t0 TCP localhost:6020
(LISTEN)
sshd 5684 user1 9u IPv6 26916647 0t0 TCP localhost:6021
(LISTEN)
sshd 5684 user1 10u IPv4 26916648 0t0 TCP localhost:6021
(LISTEN)
sshd 5835 user1 9u IPv6 26916713 0t0 TCP localhost:6022
(LISTEN)
sshd 5835 user1 10u IPv4 26916714 0t0 TCP localhost:6022
(LISTEN)
sshd 5986 user1 9u IPv6 26916785 0t0 TCP localhost:6023
(LISTEN)
sshd 5986 user1 10u IPv4 26916786 0t0 TCP localhost:6023
(LISTEN)
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and
their applications. This 200-page book is written by three acclaimed
leaders in the field. The early access version is available now.
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
