what is ssh-sgent?

[andy baxter]

andy baxter wrote:
> John K Masters wrote:
>   
>> On 20:50 Sat 03 May     , andy baxter wrote:
>>   
>>     
>>
> The server is on the web when it's switched on - I have an ADSL router 
> which is set to forward traffic on port 80 to port 80 of the server. So 
> it is possible the server has been compromised and then used to break 
> into my other machine. I don't have a firewall running on my laptop 
> because I thought it was safe having no outward facing server processes 
> - just apache and sometimes mysql running on localhost. But I may be 
> wrong here - netstat --program -al gives (truncated):
>
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> PID/Program name
> tcp 0 0 localhost:2208 *:* LISTEN 5
> 021/hpiod
> tcp 0 0 localhost:www *:* LISTEN 5
> 359/apache2
> tcp 0 0 192.168.1.3:domain *:* LISTEN 4
> 957/named
> tcp 0 0 localhost:domain *:* LISTEN 4
> 957/named
> tcp 0 0 localhost:ipp *:* LISTEN 5
> 877/cupsd
> tcp 0 0 localhost:smtp *:* LISTEN 5
> 166/master
> tcp 0 0 localhost:953 *:* LISTEN 4
> 957/named
> tcp 0 0 localhost:2207 *:* LISTEN 5
> 024/python
> tcp 0 0 192.168.1.3:2579 mail.free-online.n:pop3 TIME_WAIT -
>
> tcp6 0 0 *:domain *:* LISTEN 4
> 957/named
> tcp6 0 0 ip6-localhost:953 *:* LISTEN 4
> 957/named
> udp 0 0 *:1024 *:* 4
> 957/named
> udp 0 0 192.168.1.3:domain *:* 4
> 957/named
> udp 0 0 localhost:domain *:* 4
> 957/named
> udp 0 0 *:bootpc *:* 1
> 7718/dhclient
> udp6 0 0 *:1025 *:* 4
> 957/named
> udp6 0 0 *:domain *:* 4
> 957/named
>
> I think this means named has an incoming port open. Is this a good idea 
> (I don't think I need it) and should I just disable it?
>   
P.S. I don't have any concrete reason to think my machine has been got 
at - I was just poking around my system and found that ssh-agent has a 
socket in /tmp.