Re: Mysterious udp packetsFrom: Don Felgar (firstname.lastname@example.org)
- Previous message: Don Felgar: "Re: Mysterious udp packets"
- Maybe in reply to: Don Felgar: "Mysterious udp packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 Aug 2001 09:17:10 -0700 To: Lee Smith <email@example.com> Subject: Re: Mysterious udp packets Message-ID: <20010817091710.A23315@rainierinternet.com> From: Don Felgar <firstname.lastname@example.org>
On Fri, Aug 17, 2001, Lee Smith wrote:
> You may want to find a (near) identical machine and snag a netstat
> and lsof binary off of them, or at least check the md5sums of yours
> to some known safe ones. most rootkits i've seen are going to
> replace at least netstat and ps.
None of the binaries I copied over from other machines behave any
differently, including ps, netstat, and lsof.
Incidentally I forgot to mention that top seems to indicate that the
myserty process is not one that comes to life each second.