Security Incidents mailing list archives
rpciod and ports 799/800 udp
From: "J. J. Horner" <jhorner () 2JNETWORKS COM>
Date: Mon, 18 Sep 2000 09:38:37 -0400
My machine is trying to listen on udp ports 799 and 800. The only process still active is rpciod and it won't die. Does anyone know if this matches an m.o. of a known rootkit? I have udp 799 and 800 blocked at my firewall, but I'd like to know what is going on. These ports do not list an owning process when running 'netstat -tupan'. Thanks, -- J. J. Horner jjhorner () bellsouth net System has been up: 30 days.
Current thread:
- rpciod and ports 799/800 udp J. J. Horner (Sep 18)
- Re: rpciod and ports 799/800 udp H D Moore (Sep 19)