I did a nmap scan on my server and I saw that (to me unknown) port 2707 was filtered and which was said to be used by emcsymapiport (which seems to be a Dell product?). Furthermore this port is also used by the bigfoot trojan.
But I did not install emcsymapiport myself consciously and my server has nothing to do with Dell at all. I installed however vboxwebservice and remotebox in order to be able to easily setup virtual machines so maybe emcsymapiport was part of one of those installations.
The thing is that, as far as I know, emc symapi port does not run on Freebsd and also is not shown in freshports.
So now I am wondering whether I was hacked by the bigfoot trojan, disguised as emcsymapiport? Which however is also strange because I have set up my server in a testlab environment on my LAN only and which is not connected to the internet.
Except ofcourse when I install something on my server, so could either bigfoot or emcsymapiport have been piggybacked with some software installation?
Anybody any idea?
But I did not install emcsymapiport myself consciously and my server has nothing to do with Dell at all. I installed however vboxwebservice and remotebox in order to be able to easily setup virtual machines so maybe emcsymapiport was part of one of those installations.
The thing is that, as far as I know, emc symapi port does not run on Freebsd and also is not shown in freshports.
So now I am wondering whether I was hacked by the bigfoot trojan, disguised as emcsymapiport? Which however is also strange because I have set up my server in a testlab environment on my LAN only and which is not connected to the internet.
Except ofcourse when I install something on my server, so could either bigfoot or emcsymapiport have been piggybacked with some software installation?
Anybody any idea?