NetBus Помогите
Добавлено: 15 янв 2006, 20:36
Операционка Debian.Открыты порты12345 и 12346 помогите убить гада и закрыть порты. заранее благодарен.
Страница 1 из 1
Добавлено: 15 янв 2006, 22:51
непонял. вас интересует, какой прцесс юзает те или иные порты? man netstat
Добавлено: 16 янв 2006, 20:02
aleksandr, NetBus не работает под Unix 
Добавлено: 21 янв 2006, 11:26
устанавливаю начисто сканирую локалку nmapom нет ничего после перезагрузки появляется всякая фигня которой раньше небыло порты NetBus отмечены красным цветом как убрать его присутствие.
Добавлено: 22 янв 2006, 12:58
лог который выдал сканер
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-01-22 10:12 EET
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1636 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
22/tcp open ssh
25/tcp open smtp
79/tcp open finger
111/tcp open rpcbind
113/tcp open auth
119/tcp open nntp
143/tcp open imap
540/tcp open uucp
635/tcp open unknown
864/tcp open unknown
967/tcp open unknown
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 0.040 days (since Sun Jan 22 09:14:00 2006)
Nmap finished: 1 IP address (1 host up) scanned in 2.771 seconds
что делать.
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-01-22 10:12 EET
Interesting ports on localhost.localdomain (127.0.0.1):
(The 1636 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
1/tcp open tcpmux
11/tcp open systat
15/tcp open netstat
22/tcp open ssh
25/tcp open smtp
79/tcp open finger
111/tcp open rpcbind
113/tcp open auth
119/tcp open nntp
143/tcp open imap
540/tcp open uucp
635/tcp open unknown
864/tcp open unknown
967/tcp open unknown
1080/tcp open socks
1524/tcp open ingreslock
2000/tcp open callbook
6667/tcp open irc
12345/tcp open NetBus
12346/tcp open NetBus
27665/tcp open Trinoo_Master
31337/tcp open Elite
32771/tcp open sometimes-rpc5
32772/tcp open sometimes-rpc7
32773/tcp open sometimes-rpc9
32774/tcp open sometimes-rpc11
54320/tcp open bo2k
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 0.040 days (since Sun Jan 22 09:14:00 2006)
Nmap finished: 1 IP address (1 host up) scanned in 2.771 seconds
что делать.
Добавлено: 22 янв 2006, 14:41
а сделай ps xauw
бо похоже honeypot установлен
бо похоже honeypot установлен
Добавлено: 23 янв 2006, 14:01
Что говорит /etc/services на предмет оных портов? Дейсвительно напоминает honeypot. Уточните дистрибутив плз и сделайте netstat -a
а тут пожалуйста проставьте знаки препинанияустанавливаю начисто сканирую локалку nmapom
Добавлено: 24 янв 2006, 11:32
В файле /etc/services данных портов не наблюдается
netstat -a выдал следующее
debian:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:tcpmux *:* LISTEN
tcp 0 0 *:20034 *:* LISTEN
tcp 0 0 *:32771 *:* LISTEN
tcp 0 0 *:32772 *:* LISTEN
tcp 0 0 *:40421 *:* LISTEN
tcp 0 0 *:32773 *:* LISTEN
tcp 0 0 *:32774 *:* LISTEN
tcp 0 0 *:31337 *:* LISTEN
tcp 0 0 *:ircd *:* LISTEN
tcp 0 0 *:systat *:* LISTEN
tcp 0 0 *:5742 *:* LISTEN
tcp 0 0 *:imap2 *:* LISTEN
tcp 0 0 *:finger *:* LISTEN
tcp 0 0 *:netstat *:* LISTEN
tcp 0 0 localhost.localdoma:911 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:54320 *:* LISTEN
tcp 0 0 *:sieve *:* LISTEN
tcp 0 0 *:27665 *:* LISTEN
tcp 0 0 *:auth *:* LISTEN
tcp 0 0 *:ingreslock *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:nntp *:* LISTEN
tcp 0 0 *:socks *:* LISTEN
tcp 0 0 *:12345 *:* LISTEN
tcp 0 0 *:921 *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:12346 *:* LISTEN
tcp 0 0 *:635 *:* LISTEN
tcp 0 0 *:49724 *:* LISTEN
tcp 0 0 *:uucp *:* LISTEN
udp 0 0 *:640 *:*
udp 0 0 *:641 *:*
udp 0 0 *:who *:*
udp 0 0 *:1 *:*
udp 0 0 *:32770 *:*
udp 0 0 *:32771 *:*
udp 0 0 *:32772 *:*
udp 0 0 *:32773 *:*
udp 0 0 *:32774 *:*
udp 0 0 *:echo *:*
udp 0 0 *:discard *:*
udp 0 0 *:915 *:*
udp 0 0 *:918 *:*
udp 0 0 *:snmp *:*
udp 0 0 *:snmp-trap *:*
udp 0 0 *:54321 *:*
udp 0 0 *:700 *:*
udp 0 0 *:37444 *:*
udp 0 0 *:tftp *:*
udp 0 0 *:31335 *:*
udp 0 0 *:31337 *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:34555 *:*
udp 0 0 *:635 *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1538 /tmp/.gdm_socket
unix 2 [ ACC ] STREAM LISTENING 1125 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 1186 /var/run/dirmngr/socket
unix 2 [ ACC ] STREAM LISTENING 2234 /tmp/ssh-wYILqf1211/agent.1211
unix 2 [ ACC ] STREAM LISTENING 1553 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 2394 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 2 [ ] DGRAM 340 @udevd
unix 2 [ ACC ] STREAM LISTENING 2274 /tmp/.ICE-unix/dcop1279-1138085511
unix 2 [ ACC ] STREAM LISTENING 2464 /tmp/.ICE-unix/1301
unix 5 [ ] DGRAM 1028 /dev/log
unix 2 [ ACC ] STREAM LISTENING 2262 /tmp/ksocket-root/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 1355 /dev/printer
unix 2 [ ACC ] STREAM LISTENING 2264 /tmp/ksocket-root/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 2295 /tmp/ksocket-root/klauncherItZsrc.slave-socket
unix 3 [ ] STREAM CONNECTED 4467 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4466
unix 3 [ ] STREAM CONNECTED 4461 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4460
unix 3 [ ] STREAM CONNECTED 4459 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4458
unix 3 [ ] STREAM CONNECTED 4209 /tmp/ksocket-root/klauncherItZsrc.slave-socket
unix 3 [ ] STREAM CONNECTED 4208
unix 3 [ ] STREAM CONNECTED 4153 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4152
unix 3 [ ] STREAM CONNECTED 4149 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4148
unix 3 [ ] STREAM CONNECTED 4147 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4146
unix 3 [ ] STREAM CONNECTED 4068 /tmp/.famplh63v
unix 3 [ ] STREAM CONNECTED 4067
unix 3 [ ] STREAM CONNECTED 4044 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4043
unix 3 [ ] STREAM CONNECTED 4038 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4037
unix 3 [ ] STREAM CONNECTED 4036 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4035
unix 3 [ ] STREAM CONNECTED 3334 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3333
unix 3 [ ] STREAM CONNECTED 3116 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3115
unix 3 [ ] STREAM CONNECTED 3107 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 3106
unix 3 [ ] STREAM CONNECTED 3028 /tmp/.famLAzFeI
unix 3 [ ] STREAM CONNECTED 3027
unix 3 [ ] STREAM CONNECTED 3004 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3003
unix 3 [ ] STREAM CONNECTED 2998 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2997
unix 3 [ ] STREAM CONNECTED 2996 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2995
unix 3 [ ] STREAM CONNECTED 2974 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 3 [ ] STREAM CONNECTED 2973
unix 3 [ ] STREAM CONNECTED 2966 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2965
unix 3 [ ] STREAM CONNECTED 2962 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2961
unix 3 [ ] STREAM CONNECTED 2960 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2959
unix 3 [ ] STREAM CONNECTED 2950 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2949
unix 3 [ ] STREAM CONNECTED 2946 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2945
unix 3 [ ] STREAM CONNECTED 2944 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2943
unix 3 [ ] STREAM CONNECTED 2921 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2920
unix 3 [ ] STREAM CONNECTED 2916 /tmp/.X11-unix/X0
unix 5 [ ] STREAM CONNECTED 2915
unix 3 [ ] STREAM CONNECTED 2914 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2913
unix 3 [ ] STREAM CONNECTED 2553
unix 3 [ ] STREAM CONNECTED 2552
unix 3 [ ] STREAM CONNECTED 2551
unix 3 [ ] STREAM CONNECTED 2550
unix 3 [ ] STREAM CONNECTED 2549
unix 3 [ ] STREAM CONNECTED 2548
unix 3 [ ] STREAM CONNECTED 2532 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2531
unix 3 [ ] STREAM CONNECTED 2528 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2527
unix 3 [ ] STREAM CONNECTED 2526 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2525
unix 3 [ ] STREAM CONNECTED 2521 /tmp/.famgkWTI4
unix 3 [ ] STREAM CONNECTED 2520
unix 3 [ ] STREAM CONNECTED 2507 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2506
unix 3 [ ] STREAM CONNECTED 2503 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2502
unix 3 [ ] STREAM CONNECTED 2501 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2500
unix 3 [ ] STREAM CONNECTED 2494 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2493
unix 3 [ ] STREAM CONNECTED 2489 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2488
unix 3 [ ] STREAM CONNECTED 2487 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2486
unix 3 [ ] STREAM CONNECTED 2480 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2479
unix 3 [ ] STREAM CONNECTED 2478 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2477
unix 3 [ ] STREAM CONNECTED 2471 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2470
unix 3 [ ] STREAM CONNECTED 2469 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2468
unix 3 [ ] STREAM CONNECTED 2463 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2462
unix 3 [ ] STREAM CONNECTED 2457 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2456
unix 3 [ ] STREAM CONNECTED 2450 /tmp/ksocket-root/kdeinit__0
unix 3 [ ] STREAM CONNECTED 2449
unix 3 [ ] STREAM CONNECTED 2444 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 3 [ ] STREAM CONNECTED 2443
unix 3 [ ] STREAM CONNECTED 2405 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2404
unix 3 [ ] STREAM CONNECTED 2403 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2402
unix 3 [ ] STREAM CONNECTED 2384 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2383
unix 3 [ ] STREAM CONNECTED 2382 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2381
unix 3 [ ] STREAM CONNECTED 2349 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2348
unix 5 [ ] STREAM CONNECTED 2343 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2342
unix 3 [ ] STREAM CONNECTED 2323 /tmp/.famU18Lm0
unix 3 [ ] STREAM CONNECTED 2322
unix 3 [ ] STREAM CONNECTED 2311 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2310
unix 3 [ ] STREAM CONNECTED 2307 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2306
unix 3 [ ] STREAM CONNECTED 2289 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2288
unix 3 [ ] STREAM CONNECTED 2284
unix 3 [ ] STREAM CONNECTED 2283
unix 4 [ ] STREAM CONNECTED 2176 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 1555
unix 2 [ ] DGRAM 1486
unix 2 [ ] DGRAM 1343
unix 3 [ ] STREAM CONNECTED 1129
unix 3 [ ] STREAM CONNECTED 1128
unix 2 [ ] DGRAM 1118
debian:~#
а насчет цитаты,для тех кто в танке или умников повторю.
устанавливаю начисто,(запятая)сканирую nmapom локалку
ребята я спрашиваю конкретный совет,а задрачивать я и сам могу.
что такое honeypot?
netstat -a выдал следующее
debian:~# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:tcpmux *:* LISTEN
tcp 0 0 *:20034 *:* LISTEN
tcp 0 0 *:32771 *:* LISTEN
tcp 0 0 *:32772 *:* LISTEN
tcp 0 0 *:40421 *:* LISTEN
tcp 0 0 *:32773 *:* LISTEN
tcp 0 0 *:32774 *:* LISTEN
tcp 0 0 *:31337 *:* LISTEN
tcp 0 0 *:ircd *:* LISTEN
tcp 0 0 *:systat *:* LISTEN
tcp 0 0 *:5742 *:* LISTEN
tcp 0 0 *:imap2 *:* LISTEN
tcp 0 0 *:finger *:* LISTEN
tcp 0 0 *:netstat *:* LISTEN
tcp 0 0 localhost.localdoma:911 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:54320 *:* LISTEN
tcp 0 0 *:sieve *:* LISTEN
tcp 0 0 *:27665 *:* LISTEN
tcp 0 0 *:auth *:* LISTEN
tcp 0 0 *:ingreslock *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:nntp *:* LISTEN
tcp 0 0 *:socks *:* LISTEN
tcp 0 0 *:12345 *:* LISTEN
tcp 0 0 *:921 *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:12346 *:* LISTEN
tcp 0 0 *:635 *:* LISTEN
tcp 0 0 *:49724 *:* LISTEN
tcp 0 0 *:uucp *:* LISTEN
udp 0 0 *:640 *:*
udp 0 0 *:641 *:*
udp 0 0 *:who *:*
udp 0 0 *:1 *:*
udp 0 0 *:32770 *:*
udp 0 0 *:32771 *:*
udp 0 0 *:32772 *:*
udp 0 0 *:32773 *:*
udp 0 0 *:32774 *:*
udp 0 0 *:echo *:*
udp 0 0 *:discard *:*
udp 0 0 *:915 *:*
udp 0 0 *:918 *:*
udp 0 0 *:snmp *:*
udp 0 0 *:snmp-trap *:*
udp 0 0 *:54321 *:*
udp 0 0 *:700 *:*
udp 0 0 *:37444 *:*
udp 0 0 *:tftp *:*
udp 0 0 *:31335 *:*
udp 0 0 *:31337 *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:34555 *:*
udp 0 0 *:635 *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1538 /tmp/.gdm_socket
unix 2 [ ACC ] STREAM LISTENING 1125 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 1186 /var/run/dirmngr/socket
unix 2 [ ACC ] STREAM LISTENING 2234 /tmp/ssh-wYILqf1211/agent.1211
unix 2 [ ACC ] STREAM LISTENING 1553 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 2394 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 2 [ ] DGRAM 340 @udevd
unix 2 [ ACC ] STREAM LISTENING 2274 /tmp/.ICE-unix/dcop1279-1138085511
unix 2 [ ACC ] STREAM LISTENING 2464 /tmp/.ICE-unix/1301
unix 5 [ ] DGRAM 1028 /dev/log
unix 2 [ ACC ] STREAM LISTENING 2262 /tmp/ksocket-root/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 1355 /dev/printer
unix 2 [ ACC ] STREAM LISTENING 2264 /tmp/ksocket-root/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 2295 /tmp/ksocket-root/klauncherItZsrc.slave-socket
unix 3 [ ] STREAM CONNECTED 4467 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4466
unix 3 [ ] STREAM CONNECTED 4461 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4460
unix 3 [ ] STREAM CONNECTED 4459 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4458
unix 3 [ ] STREAM CONNECTED 4209 /tmp/ksocket-root/klauncherItZsrc.slave-socket
unix 3 [ ] STREAM CONNECTED 4208
unix 3 [ ] STREAM CONNECTED 4153 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4152
unix 3 [ ] STREAM CONNECTED 4149 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4148
unix 3 [ ] STREAM CONNECTED 4147 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4146
unix 3 [ ] STREAM CONNECTED 4068 /tmp/.famplh63v
unix 3 [ ] STREAM CONNECTED 4067
unix 3 [ ] STREAM CONNECTED 4044 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 4043
unix 3 [ ] STREAM CONNECTED 4038 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 4037
unix 3 [ ] STREAM CONNECTED 4036 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 4035
unix 3 [ ] STREAM CONNECTED 3334 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3333
unix 3 [ ] STREAM CONNECTED 3116 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3115
unix 3 [ ] STREAM CONNECTED 3107 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 3106
unix 3 [ ] STREAM CONNECTED 3028 /tmp/.famLAzFeI
unix 3 [ ] STREAM CONNECTED 3027
unix 3 [ ] STREAM CONNECTED 3004 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 3003
unix 3 [ ] STREAM CONNECTED 2998 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2997
unix 3 [ ] STREAM CONNECTED 2996 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2995
unix 3 [ ] STREAM CONNECTED 2974 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 3 [ ] STREAM CONNECTED 2973
unix 3 [ ] STREAM CONNECTED 2966 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2965
unix 3 [ ] STREAM CONNECTED 2962 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2961
unix 3 [ ] STREAM CONNECTED 2960 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2959
unix 3 [ ] STREAM CONNECTED 2950 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2949
unix 3 [ ] STREAM CONNECTED 2946 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2945
unix 3 [ ] STREAM CONNECTED 2944 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2943
unix 3 [ ] STREAM CONNECTED 2921 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2920
unix 3 [ ] STREAM CONNECTED 2916 /tmp/.X11-unix/X0
unix 5 [ ] STREAM CONNECTED 2915
unix 3 [ ] STREAM CONNECTED 2914 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2913
unix 3 [ ] STREAM CONNECTED 2553
unix 3 [ ] STREAM CONNECTED 2552
unix 3 [ ] STREAM CONNECTED 2551
unix 3 [ ] STREAM CONNECTED 2550
unix 3 [ ] STREAM CONNECTED 2549
unix 3 [ ] STREAM CONNECTED 2548
unix 3 [ ] STREAM CONNECTED 2532 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2531
unix 3 [ ] STREAM CONNECTED 2528 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2527
unix 3 [ ] STREAM CONNECTED 2526 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2525
unix 3 [ ] STREAM CONNECTED 2521 /tmp/.famgkWTI4
unix 3 [ ] STREAM CONNECTED 2520
unix 3 [ ] STREAM CONNECTED 2507 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2506
unix 3 [ ] STREAM CONNECTED 2503 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2502
unix 3 [ ] STREAM CONNECTED 2501 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2500
unix 3 [ ] STREAM CONNECTED 2494 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2493
unix 3 [ ] STREAM CONNECTED 2489 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2488
unix 3 [ ] STREAM CONNECTED 2487 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2486
unix 3 [ ] STREAM CONNECTED 2480 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2479
unix 3 [ ] STREAM CONNECTED 2478 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2477
unix 3 [ ] STREAM CONNECTED 2471 /tmp/.ICE-unix/1301
unix 3 [ ] STREAM CONNECTED 2470
unix 3 [ ] STREAM CONNECTED 2469 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2468
unix 3 [ ] STREAM CONNECTED 2463 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2462
unix 3 [ ] STREAM CONNECTED 2457 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2456
unix 3 [ ] STREAM CONNECTED 2450 /tmp/ksocket-root/kdeinit__0
unix 3 [ ] STREAM CONNECTED 2449
unix 3 [ ] STREAM CONNECTED 2444 /tmp/mcop-root/localhost_localdomain-050b-43d5ce94
unix 3 [ ] STREAM CONNECTED 2443
unix 3 [ ] STREAM CONNECTED 2405 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2404
unix 3 [ ] STREAM CONNECTED 2403 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2402
unix 3 [ ] STREAM CONNECTED 2384 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2383
unix 3 [ ] STREAM CONNECTED 2382 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2381
unix 3 [ ] STREAM CONNECTED 2349 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2348
unix 5 [ ] STREAM CONNECTED 2343 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2342
unix 3 [ ] STREAM CONNECTED 2323 /tmp/.famU18Lm0
unix 3 [ ] STREAM CONNECTED 2322
unix 3 [ ] STREAM CONNECTED 2311 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 2310
unix 3 [ ] STREAM CONNECTED 2307 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2306
unix 3 [ ] STREAM CONNECTED 2289 /tmp/.ICE-unix/dcop1279-1138085511
unix 3 [ ] STREAM CONNECTED 2288
unix 3 [ ] STREAM CONNECTED 2284
unix 3 [ ] STREAM CONNECTED 2283
unix 4 [ ] STREAM CONNECTED 2176 /tmp/.X11-unix/X0
unix 3 [ ] STREAM CONNECTED 1555
unix 2 [ ] DGRAM 1486
unix 2 [ ] DGRAM 1343
unix 3 [ ] STREAM CONNECTED 1129
unix 3 [ ] STREAM CONNECTED 1128
unix 2 [ ] DGRAM 1118
debian:~#
а насчет цитаты,для тех кто в танке или умников повторю.
устанавливаю начисто,(запятая)сканирую nmapom локалку
ребята я спрашиваю конкретный совет,а задрачивать я и сам могу.
что такое honeypot?
Добавлено: 24 янв 2006, 12:05
aleksandr, netstat -antp в студию... заодно и сами посмотрите, какой процесс открыл эти порты...
Добавлено: 24 янв 2006, 12:17
про honeypot почитай тут )
Кроме того, почему ты обратил внимание только на NetBus? У тебя также открыт порт, идентифицированный, как Back Oriffice 2000.
для тех, кто в танке, повторю, что правильно сформулированный вопрос - это половина ответа, если ты считаешь, что тебя задрачивают, а не проясняют картину, то ковыряйся сам. а конкретный совет будет, как только прояснятся необходимые моменты. а теперь по-делу: netstat -vepaF (впрочем, netstat -antp вполне тоже хватит
)Кроме того, почему ты обратил внимание только на NetBus? У тебя также открыт порт, идентифицированный, как Back Oriffice 2000.
Добавлено: 24 янв 2006, 15:11
Спасибо за дискуссию.Прошу извинения за жесткое высказывание.
Вся причина в portsentry.
Программа держит на контроле все порты которые были указаны.
С найлучшими пожеланиями.
Вся причина в portsentry.
Программа держит на контроле все порты которые были указаны.
С найлучшими пожеланиями.
Добавлено: 24 янв 2006, 15:20
Хорошо все, что хорошо кончается
В связи с твоим вопросом нашел тоже пару интересных вещей: например
http://www.opennet.ru/base/sec/linux_sec_guide.txt.html
Здесь находится статья, посвященная проблемам безопасности UNIX-like систем, так что и тебе спасибо
В связи с твоим вопросом нашел тоже пару интересных вещей: например
http://www.opennet.ru/base/sec/linux_sec_guide.txt.html
Здесь находится статья, посвященная проблемам безопасности UNIX-like систем, так что и тебе спасибо