Date: Mon, 18 Feb 2019 07:05:17 -0700 (MST)
From: BBlister <bblister@gmail.com>
To: freebsd-questions@freebsd.org
Subject: Re: Cannot identify process of listening port 600/tcp6
Message-ID: <1550498717617-0.post@n6.nabble.com>
In-Reply-To: <5B3B92BC-BD58-4FA3-B6BD-16BA74A8D944@mail.sermon-archive.info>
References: <1550339000372-0.post@n6.nabble.com> <20190216185344.95cb4ec3.freebsd@edvax.de> <1550341736004-0.post@n6.nabble.com> <ED59A34B-1AAA-46F1-81E1-4127ABD5C875@bsdops.com> <1550345837921-0.post@n6.nabble.com> <1550472991548-0.post@n6.nabble.com> <5B3B92BC-BD58-4FA3-B6BD-16BA74A8D944@mail.sermon-archive.info>

On the referenced URL, they are suggesting to use netstat -anp, which is
not applicable to FreeBSD (parameter -p is not valid). Also, they are
suggesting to use ps.

My process listing (only the executables, using
ps axuw | awk '{print $11}' | sort |uniq):

    -csh
    [audit]
    [bufdaemon]
    [bufspacedaemon]
    [cam]
    [crypto
    [crypto]
    [geom]
    [idle]
    [intr]
    [kernel]
    [pagedaemon]
    [pagezero]
    [rand_harvestq]
    [sctp_iterator]
    [soaiod1]
    [soaiod2]
    [soaiod3]
    [soaiod4]
    [syncer]
    [usb]
    [vmdaemon]
    [vnlru]
    /sbin/devd
    /sbin/init
    /sbin/natd
    /usr/libexec/getty
    /usr/local/bin/3proxy
    /usr/local/bin/perl
    /usr/local/bin/php-cgi
    /usr/local/bin/portsentry
    /usr/local/bin/python2.7
    /usr/local/bin/rtorrent
    /usr/local/bin/screen
    /usr/local/sbin/arpwatch
    /usr/local/sbin/fcgiwrap
    /usr/local/sbin/nmbd
    /usr/local/sbin/openvpn
    /usr/local/sbin/smartd
    /usr/local/sbin/smbd
    /usr/local/sbin/winbindd
    /usr/sbin/blacklistd
    /usr/sbin/cron
    /usr/sbin/inetd
    /usr/sbin/mountd
    /usr/sbin/rpc.lockd
    /usr/sbin/rpc.statd
    /usr/sbin/rpcbind
    /usr/sbin/rtsold
    /usr/sbin/syslogd
    /usr/sbin/unbound
    adjkerntz
    awk
    bash
    daemon:
    diskcheckd:
    nfscbd:
    nfsd:
    nginx:
    ps
    sendmail:
    sort
    sshd:
    sudo
    tcpdump
    tcpdump:
    uniq

My kldstat:

     1   37 0xffffffff80200000 20647c8  kernel
     2    1 0xffffffff82266000 2d40     coretemp.ko
     3    1 0xffffffff82421000 6fc4     tmpfs.ko
     4    1 0xffffffff82428000 41f0     linprocfs.ko
     5    2 0xffffffff8242d000 2d28     linux_common.ko
     6    1 0xffffffff82430000 195c     linsysfs.ko
     7    4 0xffffffff82432000 20198    ipfw.ko
     8    1 0xffffffff82453000 24a0     if_tap.ko
     9    1 0xffffffff82456000 107a0    dummynet.ko
    10    1 0xffffffff82467000 13f0     ipdivert.ko
    11    1 0xffffffff82469000 21b0     ipfw_nat.ko
    12    1 0xffffffff8246c000 a4f2     libalias.ko

and for IPCS I see that everything is empty:

    # ipcs
    Message Queues:
    T           ID          KEY MODE        OWNER    GROUP

    Shared Memory:
    T           ID          KEY MODE        OWNER    GROUP

    Semaphores:
    T           ID          KEY MODE        OWNER    GROUP

    # ipcs -y
    Message Queues:
    T           ID          KEY MODE        OWNER    GROUP

    Shared Memory:
    T           ID          KEY MODE        OWNER    GROUP

    Semaphores:
    T           ID          KEY MODE        OWNER    GROUP

    #

Also I mounted procfs on proc (# mount -t procfs proc /proc) and searched
for 600 but I did not find anything useful ( grep -R '600' * |&less ).

I am open to suggestions... I have not rebooted the machine yet.

By the way, I see that I have two unknown listening ports, 600/tcp6 and
601/tcp4. tcpdump has not shown any traffic yet to these ports.

--
Sent from: http://freebsd.1045724.x6.nabble.com/freebsd-questions-f3696945.html