Step 4
Closing unwanted ports:
Most generally your reports will show software you were simply unaware you were running such as
udp 0 0 0.0.0.0:111 0.0.0.0:* 8044/portmap
In these cases you simply stop the program from running to eliminate the uneccessarily open port.
However in cases where you can't determine what is holding the port open you should turn software that
detects possible rootkits installed in your system.
Remember that software that is suppose to be running has no reason to hide from the system and will show
up in tests such as the use of netstat. Only software that has something to hide actually hides.
Some possible root kit detection software you can use would be things like chkrootkit
Please remember that there is only one sure cure for removing a root kit and that is to reinstall the system.
You want to take every precaution to prevent a root kit so that you are sparred this task.
|
