Date: Thu, 3 Feb 2005 15:45:18 +0100 From: Ruben de Groot <mail25@bzerk.org> To: Gene <listmail@Bomgardner.net> Cc: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org> Subject: Re: Strange foreign connections Message-ID: <20050203144518.GA16324@ei.bzerk.org> In-Reply-To: <42010776.2050908@Bomgardner.net> References: <42010776.2050908@Bomgardner.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 02, 2005 at 11:01:42AM -0600, Gene typed: > While running netstat I found these entries: > > Active Internet connections (including servers) > Proto Recv-Q Send-Q Local Address Foreign Address (state) > tcp4 0 0 localhost.52730 undernet1.blueyo.ircd > ESTABLISHED > tcp4 0 0 localhost.52398 minotor.spale.co.ircd > ESTABLISHED > tcp4 0 0 localhost.60635 bagan2.srce.hr.ircd > ESTABLISHED > > > The foreign addresses all show ircd at the end, but there is no irc > clients or servers running and irc ports are blocked at the firewall. > Does anyone have any idea what might be going on here? I would assume your system is compromised, unless proven otherwise. Ruben
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050203144518.GA16324>