LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Daemons running on unknown ports
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-11-2003, 07:09 PM   #1
robadawb
LQ Newbie
 
Registered: Mar 2003
Posts: 14

Rep: Reputation: 0
Daemons running on unknown ports

A external scan on my server shows 2 unknown ports open.

798 tcp
1003 tcp

According to RFC 793 these ports are unassigned and should NOT have anything running on them. Can anyone recommend the first step I should take to determine what is running on these ports and how to turn them off if needed. My server is running Mandrake 9.1-2.4.21 and is behind a firewall/router. Thanks in advance.
 
Old 11-12-2003, 05:23 AM   #2
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Run netstat -A inet -lp on your box and watch the output.
 
Old 11-12-2003, 02:11 PM   #3
robadawb
LQ Newbie
 
Registered: Mar 2003
Posts: 14

Original Poster
Rep: Reputation: 0
Running netstat -A inet -lp shows the following...

tcp 0 0 *:798 *:* LISTEN 1043/rpc.ypxfrd
tcp 0 0 *:1003 *:* LISTEN 822/ypserv

Then a little googling and I find that these daemons are part of NIS (Network Information Service). Formerly known as the Sun Yellow Pages (explains the ypserv & ypxfrd).

http://www.linux-nis.org/

Turns out these littl' buggers distribute information across a network, like login names/passwords/home directories/group information/host names/ip numbers. The purpose of all this is that if you have a group of machines all running NIS and your password is stored in the NIS database then you can login into any machine of the network that is running the NIS client program. Needless to say....I turned this service OFF. Thanks for you reply, markus1982.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Two daemons running on the same port Quantum0726 Linux - Networking 4 08-15-2005 10:39 PM
unknown ports running ddaas Linux - Security 6 02-24-2005 05:41 AM
unknown ports open????? globeTrotter Linux - Security 12 09-25-2004 03:46 AM
command to see daemons running? kpachopoulos Linux - Newbie 3 09-13-2004 06:17 AM
Two Printer Daemons Running angelaramesys Linux - Software 0 07-15-2004 07:44 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:23 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration