Date: Sun, 30 Apr 2006 22:58:54 +0200 From: Frank Steinborn <steinex@nognu.de> To: freebsd-questions@freebsd.org Subject: Re: Hacked? How can I tell what process is sending packets from a particular port (udp/55613)? Message-ID: <20060430205854.GA6843@shodan.nognu.de> In-Reply-To: <73cb07950604301352w15a543d7sb3828504ca416da8@mail.gmail.com> References: <73cb07950604301352w15a543d7sb3828504ca416da8@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
boink wrote: > Dear FreeBSD, > > I see outbound packets from udp/55613, one every 5 seconds, to a > single non-routable (10....) IP, with destination port increasing by 1 > with each packet, with expected ICMP Destination net unreachables from > an upstream router. > > AFAIK, there's no reason for this and I don't like it - how can I tell > which process is sending the packets? > > With thanks in advance, > boink Try to catch the process with "sockstat -46p 55613" HTH, Frank
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060430205854.GA6843>