[lug] performing security checks...
C Menzes
charles at lunarmedia.net
Wed Dec 20 11:34:27 MST 2000
6000-6063 are used for the Xserver. If something is being opened on port
6000 and you're running x, i think you are okay. if something should open
up on a port 6001-6063, then i would look into it. it could mean that
someone is trying to pop a remote x session from your machine.
On Wed, 20 Dec 2000, Scott A. Herod wrote:
> [Cool, every time I tried to actually reply to this message, Netscape
> 4.76 died a quick death.]
>
> > On a similar note, how would I find what is actually opening a port for listening
> > so I can investigate the messages about port 6000 being opened? I've looked at
> > the security logs in /var/logs and don't see anything giving me more info than I
> > already have.
>
> Is port 6000 the X server? I hope so because that's what my
> machine reports. Use 'lsof -i' as root to see what process
> is watching which port.
>
> Also, while not a guarantee, see if a line like:
>
> rpm --verify `rpm --query -f \`which lsof\``
>
> reports any errors first. See the rpm manpage to interpret any
> response.
>
> Scott
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
More information about the LUG
mailing list