Date: Sat, 16 Feb 2019 10:43:20 -0700 (MST) From: BBlister <bblister@gmail.com> To: freebsd-questions@freebsd.org Subject: Cannot identify process of listening port 600/tcp6 Message-ID: <1550339000372-0.post@n6.nabble.com>
next in thread | raw e-mail | index | archive | help
Dear, I am trying to identify what process is listening on port 600/tcp6. I have tried: # lsof -n -P | grep :600 # --nothing # sockstat -a | grep :600 ? ? ? ? tcp6 *:600 *:* # netstat -an | grep 600 tcp6 0 0 *.600 *.* LISTEN I can connect to this port, but I receive no output to my commands: # telnet ::1 600 Trying ::1... Connected to localhost. Escape character is '^]'. help ? test My uname: # uname -a FreeBSD XXX 11.2-RELEASE-p8 FreeBSD 11.2-RELEASE-p8 #0: Tue Jan 8 21:35:12 UTC 2019 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 # kldstat Id Refs Address Size Name 1 37 0xffffffff80200000 20647c8 kernel 2 1 0xffffffff82266000 2d40 coretemp.ko 3 1 0xffffffff82421000 6fc4 tmpfs.ko 4 1 0xffffffff82428000 41f0 linprocfs.ko 5 2 0xffffffff8242d000 2d28 linux_common.ko 6 1 0xffffffff82430000 195c linsysfs.ko 7 4 0xffffffff82432000 20198 ipfw.ko 8 1 0xffffffff82453000 24a0 if_tap.ko 9 1 0xffffffff82456000 107a0 dummynet.ko 10 1 0xffffffff82467000 13f0 ipdivert.ko 11 1 0xffffffff82469000 21b0 ipfw_nat.ko 12 1 0xffffffff8246c000 a4f2 libalias.ko Perhaps this is a kernel module, but which? Is this a strange rootkit? I did not reboot the machine, because I would like to locate the offending process first. This box runs nginx and rtorrent. Thanks! -- Sent from: http://freebsd.1045724.x6.nabble.com/freebsd-questions-f3696945.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1550339000372-0.post>