[PLUG] Isn't this a lot of ports to have open?

Mike De La Mater mikedela at ipns.com
Wed Sep 11 16:26:08 UTC 2002 

I AM running portsentry...

I'll try turning it off and re-checking...

I can't seem to find out how to turn portsentry off. I tried disabling all of the 
ports and restarting, but hat didn't seem to do it.

Mike

9/11/02 9:06:12 AM, Michael Montagne <montagne at boora.com> wrote:

>>On 11/09/02, from the brain of Mike De La Mater tumbled:
>
>> No, it's the weirdest- No Windows on the PC at all. Nothing 
>> to run an exe in sight.
>> 
>> I've done a bit more research, and downloaded a tool to find 
>> the RSTb worm. I don't get a hit on the rstb_detector, 
>> claiing it doesn't have that one. 
>> 
>> I NEVER read e-mail or d/l files from that PC, it's a server, 
>> not a workstation. 
>> 
>> I'm wondering if it's related to the front page stuff I've 
>> got running on it. Maybe that cr__ has the ability to get 
>> infected on it's own...
>> 
>> Mike
>> 
>> 
>> 9/11/02 7:20:38 AM, Sandy Herring <sandy at herring.org> wrote:
>> Mike,
>> 
>> 54320/tcp  open        bo2k                                                    
>> 54321/udp  open        bo2k
>> 
>> ..are also Back Orifice. Is this a dual-boot w/Windows?
>
>I once installed portsentry and it made it look like I had open ports
>like this.  I didn't like that cause it seemed to call attention to
>myself in the wrong circles.  Even if they were all simply traps by
>portsentry, I didn't want to attract any undue attention.
>
>-- 
>  Michael Montagne  [montagne at boora.com]   503.226.1575 
>--    
>
>_______________________________________________
>PLUG mailing list
>PLUG at lists.pdxlinux.org
>http://lists.pdxlinux.org/mailman/listinfo/plug
>
Mike De La Mater
mikedela at ipns.com
503-702-6749

More information about the PLUG mailing list