Hi all
Little concerned about security here as...
# nmap 127.0.0.1
PORT STATE SERVICE
111/tcp open rpcbind
631/tcp open ipp
807/tcp open unknown <--???
... then...
# netstat -a | grep 807
tcp 0 0 *:807 *:* LISTEN
Q. Call me paranoid but how would one go about tracing the service that opens this port?
A. Just looked at "Click here to find similar threads" (thx linuxquestions
& found "netstat -tlnp" &/or "netstat -pantu".
# netstat -tlnp
tcp 0 0 0.0.0.0:807 0.0.0.0:* LISTEN 2321/rpc.statd
So now after googling around for rpc.statd:
NAME
rpc.statd - NSM status monitor
SYNOPSIS
/sbin/rpc.statd [-F] [-d] [-?] [-n name ] [-o port ] [-p port ] [-V]
DESCRIPTION
The rpc.statd server implements the NSM (Network Status Monitor) RPC protocol. This service is somewhat misnomed, since it doesn't actually provide active monitoring as one might suspect; instead, NSM implements a reboot notification service. It is used by the NFS file locking service, rpc.lockd, to implement lock recovery when the NFS server machine crashes and reboots.
Anyway, this turned into solution rather than a question.
Hope this helps
G