Bugtraq mailing list archives

Weirdness in Sunos 4.1.3ui/ a cracker in the libs?


From: chowes () helix net (Charles Howes)
Date: Mon, 31 Oct 1994 23:10:52 -0800 (PST)


I was just running lsof the other day on our SunOS system.  It seems that
almost every program we're running has a UDP port open.  My big
concern is, what's it there for?  Is it waiting for UDP packets from
someone, telling it to start dumping keystroke logs?

Or is it normal?  And how would a lowly sysadmin like me be able to
tell the difference?  (Apart from tripwire on the affected programs.)

An abbreviated list from lsof:

] in.telnet   880     root    0u  inet  TCP sunhost:telnet->termserv:7045
] in.telnet   880     root    1u  inet  TCP sunhost:telnet->termserv:7045
] in.telnet   880     root    2u  inet  TCP sunhost:telnet->termserv:7045
] in.telnet   880     root    4u  inet  UDP *:632

] in.telnet  1034     root    0u  inet  TCP sunhost:telnet->termserv:6049
] in.telnet  1034     root    1u  inet  TCP sunhost:telnet->termserv:6049
] in.telnet  1034     root    2u  inet  TCP sunhost:telnet->termserv:6049
] in.telnet  1034     root    4u  inet  UDP *:786

] pine       5550    usera    4u  inet  UDP *:1705

] sendmail.  5660    userb    5u  inet  TCP sunhost:smtp->anotherhost:4386
] sendmail.  5660    userb    6u  inet  UDP *:709
] sendmail.  5660    userb    7u  inet  TCP sunhost:smtp->anotherhost:4386

] lsof       5678     root    8u  inet  UDP *:766

--
Charles Howes -- chowes () helix net
 Always tell the truth, then you make it the other bloke's problem! 
 - Sean Connery, 1971   
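
Added example (not part of the original post): a shell/awk sketch that inventories the wildcard UDP sockets in lsof output laid out like the listing above and reports commands missing from a baseline. The function names, the baseline file of command names, and the seven-column layout are assumptions; the sample lines are copied from the post with the "] " prefix dropped.

```shell
#!/bin/sh
# Assumed column layout, matching the listing in the post:
#   COMMAND PID USER FD TYPE PROTO NAME

# Sample input: lines from the post's listing, "] " prefix removed.
sample_lsof() {
cat <<'EOF'
in.telnet   880     root    0u  inet  TCP sunhost:telnet->termserv:7045
in.telnet   880     root    4u  inet  UDP *:632
in.telnet  1034     root    4u  inet  UDP *:786
pine       5550    usera    4u  inet  UDP *:1705
sendmail.  5660    userb    5u  inet  TCP sunhost:smtp->anotherhost:4386
sendmail.  5660    userb    6u  inet  UDP *:709
lsof       5678     root    8u  inet  UDP *:766
EOF
}

# Print "command pid user port class" for every UDP socket bound to *:port.
# class is "reserved" for ports below 1024, otherwise "unreserved".
wildcard_udp() {
    awk '$5 == "inet" && $6 == "UDP" && $7 ~ /^\*:[0-9]+$/ {
        port = substr($7, 3) + 0
        print $1, $2, $3, port, (port < 1024 ? "reserved" : "unreserved")
    }'
}

# Print each command that holds a wildcard UDP socket but is absent from a
# baseline file of command names (one per line, hypothetical, recorded
# earlier on a system believed clean). Ports are not compared because they
# differ per process, as the two in.telnet entries show.
not_in_baseline() {
    wildcard_udp | awk -v base="$1" '
        BEGIN { while ((getline line < base) > 0) known[line] = 1 }
        !($1 in known) && !seen[$1]++ { print $1 }'
}

# Stand-alone run: summarise the sample listing.
sample_lsof | wildcard_udp
```

On a live system the input would be the lsof listing itself piped into `wildcard_udp`, and the baseline would come from the same inventory taken when the binaries and libraries were known to be good.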


