[BlueOnyx:22363] Re: PCI - lighttpd
webmaster
webmaster at oldcabin.net
Thu Aug 30 11:39:54 -05 2018
Thanks
Here is the report from doing
netstat -tupan|grep LISTEN
[root at cabin4 admin]# netstat -tupan|grep LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
10524/nginx: master
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN
24649/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN
24649/dovecot
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
4964/php-fpm: maste
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
2651/mysqld
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN
9752/sendmail: acce
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
24649/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
24649/dovecot
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN
24031/spamd.pid -d
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
3989/perl
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
9752/sendmail: acce
tcp 0 0 0.0.0.0:2002 0.0.0.0:* LISTEN
2309/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
9752/sendmail: acce
tcp6 0 0 :::443 :::* LISTEN
10524/nginx: master
tcp6 0 0 :::444 :::* LISTEN
1673/httpd.admsrv
tcp6 0 0 :::990 :::* LISTEN 24627/xinetd
tcp6 0 0 ::1:783 :::* LISTEN
24031/spamd.pid -d
tcp6 0 0 :::80 :::* LISTEN 7671/httpd
tcp6 0 0 :::81 :::* LISTEN
1673/httpd.admsrv
tcp6 0 0 :::2002 :::* LISTEN 2309/sshd
tcp6 0 0 :::21 :::* LISTEN 24627/xinetd
Nothing for port 42443
Correct?
Could nginx be effecting their PCI scans?
> Hi Tim,
>
>> I have a client that is telling me that their pci scan is failing
>> because "lighttpd service running on port 42443"
>>
>> Is this service even running on BX?
> No, "lighthttpd" is not included on a stock BlueOnyx nor do any add-on
> PKGs from the shop provided it.
>
> Do this to check:
>
> netstat -tupan|grep LISTEN
>
> That tells you which services are bound to which ports. Check what PID
> the process has that's bound to port 42443.
>
> When you have that PID, run "lsof -p <PID>" and it will show you where
> that process resides and which files, sockets and ports it holds open.
>
> That should help you to track it down.
>
More information about the Blueonyx
mailing list