LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-12-2004, 01:17 PM   #1
DaVenom
LQ Newbie
 
Registered: Mar 2004
Distribution: Slackware
Posts: 19

Rep: Reputation: 0
Help! My system's been compromised....


Hi...

I just started using the net from Linux. (Slackware 9.1 upgraded). I have followed a security tutorial and turned of ftp, finger, ntalk etc in the inetd.conf file.

I have a cable connection. Even if nothing is open, I seem to be receiveing packets according to Network Monitor 2.6.1.

NMapfe shows ssh, smtp and another called 'submission'. I am assuming that 'submission' is what I used to log on to my ISP(I got a small client from my ISP to do the authentication with their server). But I'm not sure. How do I find out if its legit and if its not these then why am I receiving packets.

Thanks
JJ
 
Old 11-12-2004, 03:49 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

Rep: Reputation: 232Reputation: 232Reputation: 232
Receiving is usually not that bad. Is your machine sending something you don't know about?

When you're connected to the Net you get a number of scans, if you also run an SMTP server you get a number of tries to use it (for spaming, for example).

You can write down a certain period of transmission it/out and then look into this. From the tools you can use to get the traffic and then analyze it I recommend ethereal. If you don't know how to read TCP/IP you may have trouble, through. But at least you'll have something.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How the system's envionment was build? docterling Linux - Newbie 1 03-10-2005 08:25 AM
system's erros on RH9 PC caf Red Hat 0 05-29-2004 02:38 PM
Weird restart, my system's compromised? herc Linux - Security 2 04-11-2004 06:51 PM
What else can I do to improve my System's Security? Artimus Linux - Security 7 04-13-2003 05:26 PM
File system's properties hotrodowner Linux - General 3 07-04-2002 11:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration