david_ross, this is what I get when I run chkconfig --list.
Code:
atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
NetworkManager 0:off 1:off 2:on 3:on 4:on 5:on 6:off
gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
spamassassin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
sshd 0:off 1:on 2:on 3:on 4:on 5:on 6:on
acpid 0:off 1:off 2:off 3:on 4:on 5:on 6:off
rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off
readahead 0:off 1:off 2:off 3:off 4:off 5:on 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
pcmcia 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
network 0:off 1:on 2:on 3:on 4:on 5:on 6:on
cups-config-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rhnsd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rpcsvcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off
irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off
portmap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
apmd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
mdmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
diskdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off
psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off
readahead_early 0:off 1:off 2:off 3:off 4:off 5:on 6:off
messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off
isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
netdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off
cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off
saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
microcode_ctl 0:off 1:off 2:off 3:off 4:off 5:off 6:off
winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfs 0:off 1:on 2:on 3:on 4:on 5:on 6:on
haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off
rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
bluetooth 0:off 1:off 2:off 3:off 4:off 5:off 6:off
mysql 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off
xinetd based services:
echo: off
chargen: off
rsync: off
gssftp: off
eklogin: off
daytime: off
time: off
klogin: off
time-udp: off
cups-lpd: off
daytime-udp: off
echo-udp: off
krb5-telnet: off
chargen-udp: off
kshell: off
===========================
Running 'services --status-all' command this is what I get:
acpid (pid 2394) is running...
anacron (pid 2592) is running...
atd (pid 2606) is running...
Configured Mount Points:
------------------------
Active Mount Points:
--------------------
hcid is stopped
sdpd is stopped
hidd is stopped
cpuspeed (pid 1921) is running...
crond (pid 2521) is running...
cupsd is stopped
cups-config-daemon (pid 2647) is running...
gpm (pid 2510) is running...
hald (pid 2658) is running...
Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
irattach is stopped
irqbalance is stopped
mdmpd is stopped
dbus-daemon-1 (pid 3378 2625) is running...
/etc/init.d/microcode_ctl: microcode device /dev/cpu/0/microcode doesn't exist?
Usage: /etc/init.d/mysql start|stop|restart
netplugd is stopped
Configured devices:
lo eth0
Currently active devices:
lo eth0
NetworkManager (pid 2696) is running...
rpc.mountd (pid 2455) is running...
nfsd (pid 2449 2448 2447 2446 2445 2444 2443 2442) is running...
rpc.rquotad (pid 2433) is running...
rpc.statd (pid 2290) is running...
nscd is stopped
ntpd is stopped
cardmgr (pid 1970) is running...
portmap (pid 2270) is running...
Process accounting is disabled.
rhnsd (pid 2637) is running...
rpc.idmapd (pid 2323) is running...
saslauthd is stopped
sendmail (pid 2500 2492) is running...
smartd (pid 2384) is running...
spamd is stopped
sshd (pid 2404) is running...
syslogd (pid 2245) is running...
klogd (pid 2249) is running...
Xvnc is stopped
winbindd is stopped
xfs (pid 2582) is running...
xinetd (pid 2419) is running...
ypbind is stopped
By looking at this, do you see anything that look suspicious?
