On Friday 20 January 2006 05:56, Tom Allison wrote:
>Tim Hardy wrote:
>> If you're really worried you could install and run chkrootkit to see
>> if there's anything lurking on your machine that shouldn't be there
>> but I'm sure you'll find nothing and that there's an innocent
>> explanation for al
Tim Hardy wrote:
If you're really worried you could install and run chkrootkit to see if
there's anything lurking on your machine that shouldn't be there but I'm
sure you'll find nothing and that there's an innocent explanation for
all this.
Sorry I can't help more.
Before I unleash a bea
Thanks for all replies; they all were usefull in providing tests as to
make me believe that quite probably this is something 'harmless', maybe
a bug in firestarter.
Well, if johannes really have a rootkit installed, it may be hiding
from netstat, ps etc. So I'd suggest him to boot from a liv
On Tue, Jan 17, 2006 at 03:28:55PM -0700, Justin Guerin wrote:
> Date: Tue, 17 Jan 2006 15:28:55 -0700
> From: Justin Guerin <[EMAIL PROTECTED]>
> To: debian-user@lists.debian.org
> Subject: Re: strange outbound connection
>
> > > What about `lsof -i`?
> >
On Tuesday 17 January 2006 07:46, johannes wrote:
> Sarunas Burdulis wrote:
> >>The firewall (firestrarter gui to be precise), just shows a line in
> >>active connections (ie. NOT in blocked connections) with an 'unknown
> >>service' on port 1056 to that external host. I'm just wondering how
> >>fi
johannes wrote:
Sarunas Burdulis wrote:
The firewall (firestrarter gui to be precise), just shows a line in
active connections (ie. NOT in blocked connections) with an 'unknown
service' on port 1056 to that external host. I'm just wondering how
firestarter knows about this connection.
I don't
Sarunas Burdulis wrote:
The firewall (firestrarter gui to be precise), just shows a line in
active connections (ie. NOT in blocked connections) with an 'unknown
service' on port 1056 to that external host. I'm just wondering how
firestarter knows about this connection.
I don't know how to procee
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
johannes wrote:
> Tim Hardy wrote:
>
>> johannes wrote:
>>
>>> Magnus Pedersen wrote:
>>>
johannes wrote:
> The gui of my firewall reports a strange outbound connection on
> port 1054 to a strange IP.
>
> How could I determin
Tim Hardy wrote:
johannes wrote:
Magnus Pedersen wrote:
johannes wrote:
The gui of my firewall reports a strange outbound connection on port
1054 to a strange IP.
How could I determine which process matches this connection?
How could I determine if this is something worrying?
netstat -p
johannes wrote:
Magnus Pedersen wrote:
johannes wrote:
The gui of my firewall reports a strange outbound connection on port
1054 to a strange IP.
How could I determine which process matches this connection?
How could I determine if this is something worrying?
Thanks for any help and links.
Magnus Pedersen wrote:
johannes wrote:
The gui of my firewall reports a strange outbound connection on port
1054 to a strange IP.
How could I determine which process matches this connection?
How could I determine if this is something worrying?
Thanks for any help and links.
Johannes
nets
johannes wrote:
The gui of my firewall reports a strange outbound connection on port
1054 to a strange IP.
How could I determine which process matches this connection?
How could I determine if this is something worrying?
Thanks for any help and links.
Johannes
netstat -plant | grep 1054
> Von: Tim Hardy <[EMAIL PROTECTED]>
> > The gui of my firewall reports a strange outbound connection on port
> > 1054 to a strange IP.
> >
> > How could I determine which process matches this connection?
> > How could I determine if this is something worrying?
>
> Netstat will help you find whi
Sorry meant to send this to whole list:
Original Message
Subject: Re: strange outbound connection
Date: Mon, 16 Jan 2006 18:38:48 +
From: Tim Hardy <[EMAIL PROTECTED]>
To: johannes <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
johannes wrote:
The
14 matches
Mail list logo
