[root@supermario xon]# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:32768 *:* LISTEN
tcp 0 0 localhost:10026 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
udp 0 0 localhost:domain *:*
udp 0 0 224.0.0.251:5353 *:*
udp 0 0 localhost:5353 *:*
udp 0 0 *:sunrpc *:*
[root@supermario xon]# nmap -sS -P0 -O 212.205.247.4
Starting nmap 3.50 (
http://www.insecure.org/nmap/ ) at 2004-10-05 01:28 EDT
Interesting ports on xxx.xxx (xxx.xxx.xxx.xxx):
(The 1658 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
111/tcp open rpcbind
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.7 (X86)
Nmap run completed -- 1 IP address (1 host up) scanned in 6.678 seconds
When im online these are happening, when im not "smtp" listens on 25 port. How when im getting online smtp stops listening?
Is there any possibility of compromised? The 32768 port with fuser -v -n tcp 32768 shows that postfix listens there, should i stop it with chkconfig? Im not using it (even smtp even rpcbind)
From where i can stop rcpbind/sunrpc?