How to close suspicious port 999 garcon, is it malware?

macos security port nmap
9,803

The name you see actually comes from /etc/services file which maps port numbers to well-known service names.

glad the lsof command worked.

Share:
9,803
f0nz
Author by

f0nz

Updated on September 18, 2022

Comments

  • f0nz
    f0nz over 1 year

    On Mac OSX, I ran the command nmap localhost and I found I have this suspicious open port:

    999/tcp open garcon

    Then I tried to see if there is an associated process, but nothing shows up with lsof -i | grep 999.

    Two questions:

    • Does any body know if this is could be a key-logger/trojan?
    • How can I close the port?

    [Edit] The right command is

    sudo lsof -i :999

    and then I can see the process

    rpc.rquot 704 root 6u IPv4 0xc899fa4ad7097125 0t0 TCP *:garcon (LISTEN)

    Now after reading http://linux.die.net/man/8/rpc.rquotad
    I suspect that maybe is a port open by fuse4x, or fuse4x-kext

    • ganesh
      ganesh almost 11 years
      Malware can use any name it wants, however there is at least one program named garcon which is not malware. Cat /var/db/pkg/garcon-0.2.1/+DESC Garcon is an implementation of the freedesktop.org menu specification replacing the former Xfce menu library libxfce4menu. It is based on GLib/GIO only and aims at covering the entire specification except for legacy menus. WWW: xfce.org

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Find (AND KILL) port 23515 Mac osx
How to delete a keychain reference from command line
Vulnerability Scanner, nmap vs Nessus
Using SSH Shortcut in Mac OS with a .ppk File
What are the default nmap options?
port command of MacPorts not found when trying to install wine
security: SecKeychainItemDelete: UNIX[Operation not permitted] on OS X when trying to remove a system root expired cert
How to detect device type from device connected to router?
Mac OS X: How to change language when screen is locked?
Make XAMPP program directory writeable?