l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2001 Dec 30 16:46

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] Well, I now feel like an idjut.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] Well, I now feel like an idjut.



Popped over to one of my home machines (erebus.agentsix.net), which acts
as a sort of multi-server (web/mail/shells for some friends/etc). 
Wanted to check to see how many times my Apache logs say,
"NNNNNNNNNNNNN" (for the Code Red worm)...69 if anyone is curious.
*grin*

As I was poking around, I brought up a process list and a list of open
sockets with ps and netstat, respectively...and noticed instantly that
my machine was listening for incoming connections on ports 6010 and
6011.

I have no services running on these ports.

Needless to say, I was a bit perturbed...double-checked the process list
(and the one in /proc), telnetted into the ports (which responded, but
didn't produce any data).  Crap.  This after I've spent quite a happy
amount of time handling security on this machine (wrote my own custom
tripwire hack, do regular auditing, loghost is a seperate machine).

Turns out they were the X11 forwarding ports for sshd.  Sheesh.  I 0wned
myself. *grin*

Not as bad as the time I did "cp /usr/X11R6.old/bin/* /usr/X11R6/bin/"
(note the lack of "-i", and that this was after spending about four
hours building X...)

--
Don Werve <donw@examen.com>
Jr. Unix System Administrator

"Fear is the mind-killer." (Frank Herbert)


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.