I've noticed a strange established TCP connection (from unknown host) to portmaper which lasts for hours, but apparently there is no traffic. My portmapper is tcp-wrapped, so the connection should be rejected. I can see the following: # netstat -t tcp 0 0 MYHOST:sunrpc 211.250.216.195:691 ESTABLISHED # lsof portmap 158 root 5u IPv4 110899 TCP MYHOST:sunrpc->211.250.216.195:691 (ESTABLISHED) # nmap -P0 -O 211.250.216.195 Warning: No TCP ports found open on this machine, OS detection will be MUCH less reliable All 1523 scanned ports on (211.250.216.195) are: filtered Too many fingerprints match this host for me to give an accurate OS guess Nmap run completed -- 1 IP address (1 host up) scanned in 212 seconds # tcpdump -n -i eth0 dst port 111 and not src net MYNET shows no traffic. Also, ippl doesn't log anything. Can anybody enlighten me what's up? -Igor Mozetic -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
