Date: Wed, 25 Jul 2001 10:33:01 +0800 From: "jett" <tayerv@team.ph.inter.net> To: "freebsd-bugs" <freebsd-bugs@freebsd.org> Subject: broken into via ssh? Message-ID: <013401c114b2$20c37860$4b443dca@jett>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0131_01C114F5.2E480760 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable im running freebsd 3.5-stable=20 when i did netstat -an | grep LISTEN here's the result bash-2.04$ netstat -an | grep LISTEN tcp 0 0 *.80 *.* LISTEN tcp 0 0 *.443 *.* LISTEN tcp 0 0 *.31341 *.* LISTEN tcp 0 0 *.22 *.* LISTEN noticed the 31341 port that is listening then i did=20 bash-2.04$ telnet localhost 31341 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-1.5-1.2.27 then on port 22 bash-2.04$ telnet localhost 22 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-1.5-OpenSSH_2.9p2 i was surprised that i was running two different versions of ssh. was my = server broken into? ------=_NextPart_000_0131_01C114F5.2E480760 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>im running freebsd 3.5-stable = </FONT></DIV> <DIV><FONT face=3DArial size=3D2>when i did netstat -an | grep = LISTEN</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>here's the result</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>bash-</FONT><FONT face=3DArial = size=3D2>2.04$ netstat=20 -an | grep LISTEN<BR>tcp =20 0 0=20 *.80 &nb= sp; =20 *.* &nbs= p; =20 LISTEN<BR>tcp =20 0 0=20 *.443 &n= bsp; =20 *.* &nbs= p; =20 LISTEN<BR>tcp =20 0 0=20 *.31341 = =20 *.* &nbs= p; =20 LISTEN<BR>tcp =20 0 0=20 *.22 &nb= sp; =20 *.* &nbs= p; =20 LISTEN<BR></FONT></DIV> <DIV><FONT face=3DArial size=3D2>noticed the 31341 port that is=20 listening</FONT></DIV> <DIV><FONT face=3DArial size=3D2>then i did </FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>bash-2.04$ telnet localhost = 31341<BR>Trying=20 127.0.0.1...<BR>Connected to localhost.<BR>Escape character is=20 '^]'.<BR>SSH-1.5-1.2.27<BR></FONT></DIV> <DIV><FONT face=3DArial size=3D2>then on port 22</FONT></DIV> <DIV><FONT face=3DArial size=3D2>bash-2.04$ telnet localhost = 22<BR>Trying=20 127.0.0.1...<BR>Connected to localhost.<BR>Escape character is=20 '^]'.<BR>SSH-1.5-OpenSSH_2.9p2<BR></FONT></DIV> <DIV><FONT face=3DArial size=3D2>i was surprised that i was running two = different=20 versions of ssh. was my server broken into?</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2> </DIV></FONT></BODY></HTML> ------=_NextPart_000_0131_01C114F5.2E480760-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?013401c114b2$20c37860$4b443dca>