From owner-freebsd-security Thu Dec 13 8: 0:37 2001 Delivered-To: freebsd-security@freebsd.org Received: from salseiros.melim.com.br (salseiros.melim.com.br [200.215.110.23]) by hub.freebsd.org (Postfix) with ESMTP id 33B2737B41D for ; Thu, 13 Dec 2001 08:00:28 -0800 (PST) Received: from fazendinha (ressacada.melim.com.br [200.215.110.4]) by salseiros.melim.com.br (Postfix) with SMTP id 0A652BAB6; Thu, 13 Dec 2001 14:00:20 -0200 (BRST) Message-ID: <058d01c183ef$ce77e1b0$2aa8a8c0@melim.com.br> From: "Ronan Lucio" To: , "Mr. Chan" References: <5.0.2.1.0.20011212185722.00aaa098@90.0.0.3> Subject: Re: Question about port 50000 Date: Thu, 13 Dec 2001 14:04:12 -0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Hey, > > I installed FBSD 4.4 a few days ago and noticed a weird port that is running.. > > tcp4 0 0 *.50000 *.* LISTEN > > Now this is a brand new installation, so i doubt i got hacked/root kitted.. > > When i telnet to it this is all i get: > > > telnet localhost 50000 > Trying 127.0.0.1... > Connected to localhost.cpu1058.adsl.bellglobal.com. > Escape character is '^]'. Itīs really weird, Openssh from FreeBSD-4.4 is vulnerable, do you have Openssh istalled? []īs Ronan > help > -Unknown command > ? > -Unknown command > ?! > -Unknown command > > > Any ideas? > > Thanks > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message