RE:  I NEED HELP!!

From: Ziggy (ziggy@sanyutel.com)
Date: 11/30/01


From: "Ziggy" <ziggy@sanyutel.com>
To: "R. Toma" <rtoma@yahoo.com.ar>, <security-basics@securityfocus.com>
Subject: RE:  I NEED HELP!!
Date: Fri, 30 Nov 2001 16:10:58 +0300
Message-ID: <PIEEIKGKKEFPJHGKAOAHEEFACBAA.ziggy@sanyutel.com>

well you can block off with an IPchains or IPtables rule

e.g

$IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 12345 -j DENY

something like that depending on wether you have ipchains or iptables

-----Original Message-----
From: R. Toma [mailto:rtoma@yahoo.com.ar]
Sent: Thursday, November 29, 2001 12:16 AM
To: security-basics@securityfocus.com
Subject:  I NEED HELP!!
Importance: High

I scanned my homeserver for open ports and I found that I have the ports:

12345 NetBus
20034 NetBus Pro
31337 BackOriffice

open. Now, are these the famous trojans? I have linux, aren't they
programmed for a MS platform? How can I close these ports????

PLEASE!!!

 _________________________________________________________ Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com