Security Incidents mailing list archives
RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second
From: alfaentomega <alfaentomega () yahoo com>
Date: Fri, 27 Dec 2002 00:36:29 -0800 (PST)
--- Rob Shein <shoten () starpower net> wrote:
Just to let you know, scanning localhost with nmap produces strange results usually. Try scanning from another node before you go any further.
I asked someone else to scan me. He told me that he doesn't see (and has never seen) such ports on his machine and that he doesn't see anything on mine, but after a while he found few random open ports on my host. I suppose it was because I was scanning myself at the same time, but when he told me that I indeed had open ports and that I should start comparing my /proc to ps output, I was sure I had been compromised. Now I know everything, thanks to Fyodor's answer. Thanks. -Alfaentomega. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 24)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Pavel Kankovsky (Dec 27)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Fyodor (Dec 27)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27)
- <Possible follow-ups>
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second alfaentomega (Dec 27)
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Charles . Fasching (Dec 27)
- RE: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Hornat, Charles (Dec 27)
- Re: Random unprivileged TCP ports below 5000 kind-of open for a fraction of a second Pavel Kankovsky (Dec 27)