Re: [PLUG] Elite port

Joe Laudadio on Tue, 2 May 2000 12:53:09 -0400 (EDT)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Elite port

From: Joe Laudadio <mg@infinity.stf.org>

To: plug@lists.nothinbut.net

Subject: Re: [PLUG] Elite port

Date: Tue, 2 May 2000 12:52:32 -0400 (EDT)

Reply-to: plug@lists.nothinbut.net

Sender: plug-admin@lists.nothinbut.net

By "filtered" do you mean that the port is open but there are some firewall rules in place governing what can and cannot get to it? By "varying levels of Linux" do you mean various linux distributions or one distribution with different packages installed on each? Anyhow, port 31337 is the port that backoriface uses. Backoriface is a trojan horse program for windows. Of course, that doesn't mean someone hasn't installed a trojan program on a linux box and made it use 31337. You can list your open ports and what process is using which port by issuing the command: netstat -tap You'll have to do this as root if you want to see everything otherwise, it'll only list the processes for processes that you own. If your linux install had this port open by default, then this is definately a bad thing. It shouldn't be there period. Did you download your distribution from a reputable site? mg On Tue, 2 May 2000, Alexander John Batyi wrote: > > Hey, > I just ran nmap against a couple of hosts with varying levels > of Linux installed on a site and found filtered ports for 31337 > on all of them. I think this is bad (as in not a good thing) right? > > Other machines I checked not on this site do not respond to this > port. I just recently installed a new version of the OS on > one machine and it already has this port open (filtered actually). > > Anyone see this before? Maybe you know what process name to look for. > > -bud > > > ______________________________________________________________________ > Philadelphia Linux Users Group - http://plug.nothinbut.net > Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce > General Discussion - http://lists.nothinbut.net/mail/listinfo/plug > ______________________________________________________________________ Philadelphia Linux Users Group - http://plug.nothinbut.net Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce General Discussion - http://lists.nothinbut.net/mail/listinfo/plug

Prev by Date: Re: [PLUG] Transportation

Next by Date: Re: [PLUG] /usr/bin/sendmail program w/PHP

Previous by thread: [PLUG] the data display debugger presentation will happen

Next by thread: Re: [PLUG] Elite port

Index(es):

Date

Thread