Thank you for giving me feedback.
I just had a real bad stroke of luck and I think it's due to this.
I was running rkhunter today on my pc and it found parts of the TOrn rootkit on me. I went thru all my logs on that pc and on my network scanner, and nothing bad happened (thank god).
I've been doing some research on this rootkit, and it is known according to 'cert' to take action on the rc.statd daemon!
It was able to open up a listening port of 47107 as it usually does, but was not able to do much else. The exploit happened in last 24 hrs
since the last cron. I verified the port was open with netstat -l ..no app's were listed as using it tho. The rootkit wasn't able to create the /usr/src/.puta
So now the entire pc is being DOD wiped. All linux boxen are now not allowed to see internet or each other...back to windows until I get this figured out.