From owner-freebsd-security Wed Dec 12 15:59:41 2001 Delivered-To: freebsd-security@freebsd.org Received: from I-Sphere.COM (shell.i-sphere.com [209.249.146.70]) by hub.freebsd.org (Postfix) with ESMTP id 6E81D37B417 for ; Wed, 12 Dec 2001 15:59:39 -0800 (PST) Received: (from fasty@localhost) by I-Sphere.COM (8.11.6/8.11.6) id fBD00qO63977; Wed, 12 Dec 2001 16:00:52 -0800 (PST) (envelope-from fasty) Date: Wed, 12 Dec 2001 16:00:52 -0800 From: faSty To: "Mr. Chan" Cc: freebsd-security@freebsd.org Subject: Re: Question about port 50000 Message-ID: <20011212160052.I63034@i-sphere.com> References: <5.0.2.1.0.20011212185722.00aaa098@90.0.0.3> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <5.0.2.1.0.20011212185722.00aaa098@90.0.0.3>; from bacid@ottawa.com on Wed, Dec 12, 2001 at 06:58:47PM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org you can use lsof command or sockstat to find what program running 50000 port. -trev On Wed, Dec 12, 2001 at 06:58:47PM -0800, Mr. Chan wrote: > Hey, > > I installed FBSD 4.4 a few days ago and noticed a weird port that is running.. > > tcp4 0 0 *.50000 *.* LISTEN > > Now this is a brand new installation, so i doubt i got hacked/root kitted.. > > When i telnet to it this is all i get: > > > telnet localhost 50000 > Trying 127.0.0.1... > Connected to localhost.cpu1058.adsl.bellglobal.com. > Escape character is '^]'. > help > -Unknown command > ? > -Unknown command > ?! > -Unknown command > > > Any ideas? > > Thanks > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- After living in New York, you trust nobody, but you believe everything. Just in case. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message