[ubuntu-it] Due strani risultati con "chkrootkit" e "rkhunter --checkall"
Nakinub
nakinub a autistici.org
Lun 20 Feb 2006 09:01:58 UTC
ecco fatto....
xxx a ubuntu:~$ sudo netstat -anp -t tcp
Password:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 0.0.0.0:5280 0.0.0.0:*
LISTEN 7 656/beam
tcp 0 0 127.0.0.1:32769 0.0.0.0:*
LISTEN 7 492/hpiod
tcp 0 0 127.0.0.1:32770 0.0.0.0:*
LISTEN 7 540/python
tcp 0 0 0.0.0.0:5222 0.0.0.0:*
LISTEN 7 656/beam
tcp 0 0 0.0.0.0:32774 0.0.0.0:*
LISTEN 7 656/beam
tcp 0 0 0.0.0.0:5223 0.0.0.0:*
LISTEN 7 656/beam
tcp 0 0 127.0.0.1:32776 0.0.0.0:*
LISTEN 7 856/ssl_esock
tcp 0 0 127.0.0.1:3306 0.0.0.0:*
LISTEN 7 903/mysqld
tcp 0 0 0.0.0.0:19150 0.0.0.0:*
LISTEN 7 823/gkrellmd
tcp 0 0 0.0.0.0:4369 0.0.0.0:*
LISTEN 7 637/epmd
tcp 0 0 0.0.0.0:5269 0.0.0.0:*
LISTEN 7 656/beam
tcp 0 0 0.0.0.0:4662 0.0.0.0:*
LISTEN 8 564/amule
tcp 0 0 127.0.0.1:8118 0.0.0.0:*
LISTEN 8 184/privoxy
tcp 0 0 127.0.0.1:631 0.0.0.0:*
LISTEN 7 468/cupsd
tcp 0 0 0.0.0.0:25 0.0.0.0:*
LISTEN 8 062/master
tcp 0 0 127.0.0.1:9050 0.0.0.0:*
LISTEN 8 230/tor
tcp 0 0 0.0.0.0:538 0.0.0.0:*
LISTEN 7 816/gdomap
tcp 0 0 127.0.0.1:33698 127.0.0.1:32769
ESTABLISHED7 540/python
tcp 0 0 39.2.1.33:50262 80.100.18.37:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:34438 39.237.22.42:4662
TIME_WAIT -
tcp 0 0 39.2.1.33:33065 41.24.216.82:4662
ESTABLISHED8 564/amule
tcp 0 1 39.2.1.33:32956 84.120.195.156:4662
FIN_WAIT1 -
tcp 0 0 39.2.1.33:40043 84.119.95.242:40662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:56642 83.176.64.118:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:56826 82.59.69.199:4662
ESTABLISHED8 564/amule
tcp 0 0 127.0.0.1:32775 127.0.0.1:4369
ESTABLISHED7 656/beam
tcp 0 0 127.0.0.1:4369 127.0.0.1:32775
ESTABLISHED7 637/epmd
tcp 0 0 39.2.1.33:47542 82.59.130.252:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:52992 87.3.213.182:7662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:40595 80.116.163.192:4662
ESTABLISHED8 564/amule
tcp 0 0 127.0.0.1:32769 127.0.0.1:33698
ESTABLISHED7 492/hpiod
tcp 0 0 39.2.1.33:57716 37.10.116.41:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:57231 82.59.94.178:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:51767 82.51.120.207:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:37288 83.184.187.223:4662
TIME_WAIT -
tcp 0 0 39.2.1.33:52378 84.177.159.88:4662
TIME_WAIT -
tcp 1 135 39.2.1.33:59933 82.232.76.117:4662
LAST_ACK -
tcp 0 0 39.2.1.33:40106 60.17.138.238:4166
TIME_WAIT -
tcp 0 0 127.0.0.1:631 127.0.0.1:50038
ESTABLISHED7 468/cupsd
tcp 0 0 127.0.0.1:50038 127.0.0.1:631
ESTABLISHED8 502/gnome-cups-ico
tcp 0 0 39.2.1.33:39135 87.2.109.84:4662
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:41574 195.245.244.243:4661
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:32781 84.221.98.21:4660
ESTABLISHED8 564/amule
tcp 0 0 39.2.1.33:33386 87.11.202.105:4662
TIME_WAIT -
tcp6 0 0 :::19150 :::*
LISTEN 7 823/gkrellmd
tcp6 0 0 :::80 :::*
LISTEN 8 346/apache2
Maggiori informazioni sulla lista
ubuntu-it