1 |
I nmap'ed one of my remote Gentoo servers today and besides the |
2 |
expected open ports were these: |
3 |
|
4 |
1080/tcp open socks |
5 |
3128/tcp open squid-http |
6 |
8080/tcp open http-proxy |
7 |
|
8 |
I'm not running any sort of proxy software that I know of and I should |
9 |
be the only person whatsoever with access to the machine. 'netstat |
10 |
-l' doesn't show any info on those ports at all so I suppose it's been |
11 |
hacked as well? I installed and ran 'rkhunter --check' (what happened |
12 |
to the chrootkit ebuild?) but it doesn't seem to be much use since I |
13 |
hadn't established a "file of stored file properties". |
14 |
|
15 |
What do you guys think is going on? What should I do from here? |
16 |
|
17 |
- Grant |