RE: Port 80 open without WebServer

["Thomas48" <thomas48 () singnet com sg>]

Dear all

Finally there's going to be a true blue security conference in Singapore
that is product and vendor neutral.

The Symposium on Security for Asia Network (SyScAN "04) would be held on
16th - 17th December 2004 in Singapore. SyScan "04 would be held at the
beautiful Swissotel Merchant Court Hotel, which is located a stone throw
away from the financial and the pub districts, and 10 minutes away from the
famous shopping belt of Orchard Road.

SyScAN "04 boasts a list of expert speakers in their various fields, coming
from US and Europe and the topics would be scintillating and mesmerising.

SyScAN "04 would be a wonderful avenue for all security enthusiasts from all
over the world, especially those from Asia, to gather and fraternise.

Please do visit www.syscan.org for more information and register.


Thanks!

*********************************************
Organising Committee
SyScAN "04

Confidentiality Notice: This e-mail transmission may contain confidential or
legally privileged information that is intended only for the individual or
entity named in the e-mail address. If you receive this e-mail in error,
please delete this message immediately. Further, you should not re-transmit,
copy, store, or reveal the contents of this message to any third party.


-----Original Message-----
From: Ivan Coric [mailto:ivan.coric () workcoverqld com au]
Sent: Friday, July 02, 2004 6:58 AM
To: security-basics () securityfocus com; listassec () yahoo com
Subject: Re: Port 80 open without WebServer


Paulo,
run "netstat -tna" will show you all the tcp listeners.

download and install lsof
http://freshmeat.net/projects/lsof/

then run "lsof -i" will show you all the processes for udp and tcp.

cheers
Ivan


Ivan Coric, CISSP
IT Technical Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: ivan.coric () workcoverqld com au

> > > Paulo <listassec () yahoo com> 06/30/04 09:24pm >>>
Hi,

I runned the Nessus on a Redhat/Conectiva 9 and i
received the alert:

Security Note: Port: www-http (80/tcp).

I don't runnig http server (apache) and in netstat
-anp don't show port 80. I run also chkrootkit and it
detect nothing. I run clamav and it detect nothing
too.

Anyone can help me?

Thanks





__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------







***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times.
This message may contain privileged information directed only to the
intended addressee/s. Accidental receipt of this information should be
deleted promptly and the sender notified.
This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.708 / Virus Database: 464 - Release Date: 6/18/2004

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.708 / Virus Database: 464 - Release Date: 6/18/2004



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------