我用nmap看了一下自己開了哪些ports
結果有
4662/tcp open edonkey
7070/tcp open realserver
31416/tcp open boinc-client
第一個和第三個是我自己開的
可是我不清楚第二為什麼會有程式開了一個real server
請問這樣是被駭嗎? 有沒有辦法看port是哪個程式開的呢?
請問哪些程式會開real server
版主: mufa
5 篇文章
• 第 1 頁 (共 1 頁)
請問哪些程式會開real server
由 ARMS » 週日 9月 30, 2007 12:53 am
-
ARMS - 可愛的小學生
- 文章: 35
- 註冊時間: 週五 3月 25, 2005 9:44 pm
- 來自: 吉他島
由 ARMS » 週日 9月 30, 2007 12:57 pm
我重開機以後又nmap了一次
一樣是有開
7070/tcp open realserver
31416/tcp open boinc-clien
我用ps -A去把所有的工作叫出來,請問有什麼是不應該有嗎?
PID TTY TIME CMD
1 ? 00:00:01 init
2 ? 00:00:00 kthreadd
3 ? 00:00:00 migration/0
4 ? 00:00:00 ksoftirqd/0
5 ? 00:00:00 watchdog/0
6 ? 00:00:00 migration/1
7 ? 00:00:00 ksoftirqd/1
8 ? 00:00:00 watchdog/1
9 ? 00:00:00 events/0
10 ? 00:00:00 events/1
11 ? 00:00:00 khelper
30 ? 00:00:00 kblockd/0
31 ? 00:00:00 kblockd/1
32 ? 00:00:00 kacpid
33 ? 00:00:00 kacpi_notify
121 ? 00:00:00 kseriod
139 ? 00:00:00 pdflush
140 ? 00:00:00 pdflush
141 ? 00:00:00 kswapd0
142 ? 00:00:00 aio/0
143 ? 00:00:00 aio/1
692 ? 00:00:00 ksuspend_usbd
695 ? 00:00:00 khubd
793 ? 00:00:00 ata/0
794 ? 00:00:00 ata/1
795 ? 00:00:00 ata_aux
1090 ? 00:00:00 kjournald
1262 ? 00:00:00 udevd
1666 ? 00:00:00 kedac
1709 ? 00:00:00 kgameportd
1735 ? 00:00:00 kpsmoused
2045 ? 00:00:00 ksnapd
2086 ? 00:00:00 kjournald
2087 ? 00:00:00 kjournald
2088 ? 00:00:00 kjournald
2089 ? 00:00:00 kjournald
2090 ? 00:00:00 kjournald
2368 ? 00:00:00 pppd
2587 ? 00:00:00 syslogd
2606 ? 00:00:00 klogd
2703 ? 00:00:00 acpid
2733 ? 00:00:00 boinc_client
2741 ? 00:00:00 dbus-daemon
2756 ? 00:00:00 nullmailer-send
2764 ? 00:00:00 popfile.pl
2766 ? 00:00:00 setiathome-5.27
2815 ? 00:00:00 ntpd
2825 ? 00:00:00 hald
2826 ? 00:00:00 hald-runner
2831 ? 00:00:00 setiathome-5.27
2832 ? 00:09:00 setiathome-5.27
2833 ? 00:00:00 setiathome-5.27
2835 ? 00:00:00 hald-addon-keyb
2836 ? 00:00:00 hald-addon-keyb
2837 ? 00:00:00 hald-addon-keyb
2840 ? 00:00:00 hald-addon-acpi
2857 ? 00:00:00 hald-addon-stor
2859 ? 00:00:00 hald-addon-stor
2869 ? 00:00:00 cron
2893 tty1 00:00:00 login
2895 tty2 00:00:00 getty
2897 tty3 00:00:00 getty
2898 tty4 00:00:00 getty
2899 tty5 00:00:00 getty
2900 tty6 00:00:00 getty
2911 tty1 00:00:00 bash
2924 tty1 00:00:00 startx
2940 tty1 00:00:00 xinit
2941 tty7 00:00:19 Xorg
2945 tty1 00:00:00 x-session-manag
2975 tty1 00:00:00 gcin
2979 tty1 00:00:00 dbus-launch
2980 ? 00:00:00 dbus-daemon
2985 ? 00:00:00 xfce-mcs-manage
2987 ? 00:00:00 kdeinit
2991 ? 00:00:00 dcopserver
2993 ? 00:00:00 klauncher
2995 ? 00:00:00 kded
2998 ? 00:00:00 gam_server
3003 tty1 00:00:00 gnome-keyring-d
3004 tty1 00:00:00 xfwm4
3005 tty1 00:00:00 Thunar
3006 tty1 00:00:01 xfdesktop
3011 tty1 00:00:01 xfce4-panel
3017 ? 00:00:00 update-notifier
3019 tty1 00:00:00 xfce4-menu-plug
3020 tty1 00:00:00 xfce4-mailwatch
3022 ? 00:00:00 gconfd-2
3023 tty1 00:00:00 xfce4-mixer-plu
3026 ? 00:01:05 firefox-bin
3084 ? 00:00:01 gksu
3089 pts/0 00:00:00 su
3092 pts/0 00:00:00 gksu-run-helper
3097 pts/0 00:00:16 synaptic
3100 pts/0 00:00:00 http
3101 pts/0 00:00:00 http
3102 pts/0 00:00:00 http
3103 pts/0 00:00:00 http
3104 pts/0 00:00:00 http
3107 pts/0 00:00:00 gpgv
3113 pts/0 00:00:00 gzip
3117 pts/0 00:00:32 rred
3129 pts/0 00:00:00 bzip2
3148 ? 00:00:00 xfce4-terminal
3149 ? 00:00:00 gnome-pty-helpe
3150 pts/1 00:00:00 bash
3162 pts/1 00:00:00 ps
一樣是有開
7070/tcp open realserver
31416/tcp open boinc-clien
我用ps -A去把所有的工作叫出來,請問有什麼是不應該有嗎?
PID TTY TIME CMD
1 ? 00:00:01 init
2 ? 00:00:00 kthreadd
3 ? 00:00:00 migration/0
4 ? 00:00:00 ksoftirqd/0
5 ? 00:00:00 watchdog/0
6 ? 00:00:00 migration/1
7 ? 00:00:00 ksoftirqd/1
8 ? 00:00:00 watchdog/1
9 ? 00:00:00 events/0
10 ? 00:00:00 events/1
11 ? 00:00:00 khelper
30 ? 00:00:00 kblockd/0
31 ? 00:00:00 kblockd/1
32 ? 00:00:00 kacpid
33 ? 00:00:00 kacpi_notify
121 ? 00:00:00 kseriod
139 ? 00:00:00 pdflush
140 ? 00:00:00 pdflush
141 ? 00:00:00 kswapd0
142 ? 00:00:00 aio/0
143 ? 00:00:00 aio/1
692 ? 00:00:00 ksuspend_usbd
695 ? 00:00:00 khubd
793 ? 00:00:00 ata/0
794 ? 00:00:00 ata/1
795 ? 00:00:00 ata_aux
1090 ? 00:00:00 kjournald
1262 ? 00:00:00 udevd
1666 ? 00:00:00 kedac
1709 ? 00:00:00 kgameportd
1735 ? 00:00:00 kpsmoused
2045 ? 00:00:00 ksnapd
2086 ? 00:00:00 kjournald
2087 ? 00:00:00 kjournald
2088 ? 00:00:00 kjournald
2089 ? 00:00:00 kjournald
2090 ? 00:00:00 kjournald
2368 ? 00:00:00 pppd
2587 ? 00:00:00 syslogd
2606 ? 00:00:00 klogd
2703 ? 00:00:00 acpid
2733 ? 00:00:00 boinc_client
2741 ? 00:00:00 dbus-daemon
2756 ? 00:00:00 nullmailer-send
2764 ? 00:00:00 popfile.pl
2766 ? 00:00:00 setiathome-5.27
2815 ? 00:00:00 ntpd
2825 ? 00:00:00 hald
2826 ? 00:00:00 hald-runner
2831 ? 00:00:00 setiathome-5.27
2832 ? 00:09:00 setiathome-5.27
2833 ? 00:00:00 setiathome-5.27
2835 ? 00:00:00 hald-addon-keyb
2836 ? 00:00:00 hald-addon-keyb
2837 ? 00:00:00 hald-addon-keyb
2840 ? 00:00:00 hald-addon-acpi
2857 ? 00:00:00 hald-addon-stor
2859 ? 00:00:00 hald-addon-stor
2869 ? 00:00:00 cron
2893 tty1 00:00:00 login
2895 tty2 00:00:00 getty
2897 tty3 00:00:00 getty
2898 tty4 00:00:00 getty
2899 tty5 00:00:00 getty
2900 tty6 00:00:00 getty
2911 tty1 00:00:00 bash
2924 tty1 00:00:00 startx
2940 tty1 00:00:00 xinit
2941 tty7 00:00:19 Xorg
2945 tty1 00:00:00 x-session-manag
2975 tty1 00:00:00 gcin
2979 tty1 00:00:00 dbus-launch
2980 ? 00:00:00 dbus-daemon
2985 ? 00:00:00 xfce-mcs-manage
2987 ? 00:00:00 kdeinit
2991 ? 00:00:00 dcopserver
2993 ? 00:00:00 klauncher
2995 ? 00:00:00 kded
2998 ? 00:00:00 gam_server
3003 tty1 00:00:00 gnome-keyring-d
3004 tty1 00:00:00 xfwm4
3005 tty1 00:00:00 Thunar
3006 tty1 00:00:01 xfdesktop
3011 tty1 00:00:01 xfce4-panel
3017 ? 00:00:00 update-notifier
3019 tty1 00:00:00 xfce4-menu-plug
3020 tty1 00:00:00 xfce4-mailwatch
3022 ? 00:00:00 gconfd-2
3023 tty1 00:00:00 xfce4-mixer-plu
3026 ? 00:01:05 firefox-bin
3084 ? 00:00:01 gksu
3089 pts/0 00:00:00 su
3092 pts/0 00:00:00 gksu-run-helper
3097 pts/0 00:00:16 synaptic
3100 pts/0 00:00:00 http
3101 pts/0 00:00:00 http
3102 pts/0 00:00:00 http
3103 pts/0 00:00:00 http
3104 pts/0 00:00:00 http
3107 pts/0 00:00:00 gpgv
3113 pts/0 00:00:00 gzip
3117 pts/0 00:00:32 rred
3129 pts/0 00:00:00 bzip2
3148 ? 00:00:00 xfce4-terminal
3149 ? 00:00:00 gnome-pty-helpe
3150 pts/1 00:00:00 bash
3162 pts/1 00:00:00 ps
-
ARMS - 可愛的小學生
- 文章: 35
- 註冊時間: 週五 3月 25, 2005 9:44 pm
- 來自: 吉他島
由 ARMS » 週四 10月 04, 2007 12:20 am
結果如下,可是為什麼是perl呀?
======
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:31416 0.0.0.0:* LISTEN 2753/boinc_client
tcp 0 0 127.0.0.1:7070 0.0.0.0:* LISTEN 2787/perl
tcp 0 0 127.0.0.1:7071 0.0.0.0:* LISTEN 2787/perl
udp 0 0 61.228.62.16:123 0.0.0.0:* 2839/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2839/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2839/ntpd
udp6 0 0 fe80::250:baff:feec:123 :::* 2839/ntpd
udp6 0 0 ::1:123 :::* 2839/ntpd
udp6 0 0 :::123 :::* 2839/ntpd
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 8506 2738/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 8568 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 6 [ ] DGRAM 8273 2609/syslogd /dev/log
unix 2 [ ] DGRAM 4777 1298/udevd @/org/kernel/udev/udevd
unix 2 [ ACC ] STREAM LISTENING 8752 2849/hald @/var/run/hald/dbus-ydqQntVARG
unix 2 [ ] DGRAM 8760 2849/hald @/org/freedesktop/hal/udev_event
unix 2 [ ACC ] STREAM LISTENING 8749 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 2 [ ] DGRAM 9795 2919/login
unix 3 [ ] STREAM CONNECTED 9555 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9554 2886/hdd (every 2 s
unix 3 [ ] STREAM CONNECTED 9553 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 9552 2886/hdd (every 2 s
unix 3 [ ] STREAM CONNECTED 9548 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9547 2884/hdc (every 2 s
unix 3 [ ] STREAM CONNECTED 9544 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 9543 2884/hdc (every 2 s
unix 3 [ ] STREAM CONNECTED 9410 2738/acpid /var/run/acpid.socket
unix 3 [ ] STREAM CONNECTED 9407 2861/acpid.socket
unix 3 [ ] STREAM CONNECTED 9389 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9384 2861/acpid.socket
unix 3 [ ] STREAM CONNECTED 9388 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9380 2858/event4
unix 3 [ ] STREAM CONNECTED 9383 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9245 2857/event3
unix 3 [ ] STREAM CONNECTED 9377 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9238 2856/event0
unix 3 [ ] STREAM CONNECTED 8755 2849/hald @/var/run/hald/dbus-ydqQntVARG
unix 3 [ ] STREAM CONNECTED 8754 2850/hald-runner
unix 3 [ ] STREAM CONNECTED 8751 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 8750 2849/hald
unix 2 [ ] DGRAM 8718 2839/ntpd
unix 2 [ ] DGRAM 8613 2779/nullmailer-sen
unix 3 [ ] STREAM CONNECTED 8571 2764/dbus-daemon
unix 3 [ ] STREAM CONNECTED 8570 2764/dbus-daemon
unix 2 [ ] DGRAM 8296 2629/klogd
======
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:31416 0.0.0.0:* LISTEN 2753/boinc_client
tcp 0 0 127.0.0.1:7070 0.0.0.0:* LISTEN 2787/perl
tcp 0 0 127.0.0.1:7071 0.0.0.0:* LISTEN 2787/perl
udp 0 0 61.228.62.16:123 0.0.0.0:* 2839/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2839/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2839/ntpd
udp6 0 0 fe80::250:baff:feec:123 :::* 2839/ntpd
udp6 0 0 ::1:123 :::* 2839/ntpd
udp6 0 0 :::123 :::* 2839/ntpd
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 8506 2738/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 8568 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 6 [ ] DGRAM 8273 2609/syslogd /dev/log
unix 2 [ ] DGRAM 4777 1298/udevd @/org/kernel/udev/udevd
unix 2 [ ACC ] STREAM LISTENING 8752 2849/hald @/var/run/hald/dbus-ydqQntVARG
unix 2 [ ] DGRAM 8760 2849/hald @/org/freedesktop/hal/udev_event
unix 2 [ ACC ] STREAM LISTENING 8749 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 2 [ ] DGRAM 9795 2919/login
unix 3 [ ] STREAM CONNECTED 9555 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9554 2886/hdd (every 2 s
unix 3 [ ] STREAM CONNECTED 9553 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 9552 2886/hdd (every 2 s
unix 3 [ ] STREAM CONNECTED 9548 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9547 2884/hdc (every 2 s
unix 3 [ ] STREAM CONNECTED 9544 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 9543 2884/hdc (every 2 s
unix 3 [ ] STREAM CONNECTED 9410 2738/acpid /var/run/acpid.socket
unix 3 [ ] STREAM CONNECTED 9407 2861/acpid.socket
unix 3 [ ] STREAM CONNECTED 9389 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9384 2861/acpid.socket
unix 3 [ ] STREAM CONNECTED 9388 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9380 2858/event4
unix 3 [ ] STREAM CONNECTED 9383 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9245 2857/event3
unix 3 [ ] STREAM CONNECTED 9377 2849/hald @/var/run/hald/dbus-e2N7xGArtD
unix 3 [ ] STREAM CONNECTED 9238 2856/event0
unix 3 [ ] STREAM CONNECTED 8755 2849/hald @/var/run/hald/dbus-ydqQntVARG
unix 3 [ ] STREAM CONNECTED 8754 2850/hald-runner
unix 3 [ ] STREAM CONNECTED 8751 2764/dbus-daemon /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 8750 2849/hald
unix 2 [ ] DGRAM 8718 2839/ntpd
unix 2 [ ] DGRAM 8613 2779/nullmailer-sen
unix 3 [ ] STREAM CONNECTED 8571 2764/dbus-daemon
unix 3 [ ] STREAM CONNECTED 8570 2764/dbus-daemon
unix 2 [ ] DGRAM 8296 2629/klogd
-
ARMS - 可愛的小學生
- 文章: 35
- 註冊時間: 週五 3月 25, 2005 9:44 pm
- 來自: 吉他島
5 篇文章
• 第 1 頁 (共 1 頁)
誰在線上
正在瀏覽這個版面的使用者:沒有註冊會員 和 1 位訪客