Date: Mon, 27 Dec 2010 09:58:10 -0500 From: Mike Tancsa <mike@sentex.net> To: S Mathias <smathias1972@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: what process is sending this packet? Message-ID: <4D18A982.4020006@sentex.net> In-Reply-To: <586011.29943.qm@web121407.mail.ne1.yahoo.com> References: <586011.29943.qm@web121407.mail.ne1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/27/2010 9:30 AM, S Mathias wrote: > I can see, that theres a program that keeps sending packets on port 25: > > Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:04 a kernel: [ 6355.641085] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55854 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:10 a kernel: [ 6361.649059] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55855 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > > but where or how could i find out, that what process sends these packets? On FreeBSD, take a look at the audit subsystem http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html ---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D18A982.4020006>