You are not logged in.
Hello,
If I issue the following command several times in a row:
nmap -n -r -v -p1-65535 -sT 127.0.0.1On each run, this command would list the usual open ports (ssh etc., same as netstat), but sometimes there would be 1-3 random open ports somewhere in range 10000..60000, every run different ones. Checking listening ports with netstat never shows any such open ports. Random open ports vanish if I use nmap with -sV or -sS instead of -sT option. I can also replace localhost with LAN address and still get the same results. Could these be false-positives?
I can reproduce this on another Arch box, but not on Ubuntu. Can ask you to try if you are getting similar results, or should I start to worry about a rootkit? Thanks.
Cheers,
Marko
Offline
Seem to be false-positives, see:
Offline