Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 18 Feb 2019 07:05:17 -0700 (MST)
From:      BBlister <bblister@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: Cannot identify process of listening port 600/tcp6
Message-ID:  <1550498717617-0.post@n6.nabble.com>
In-Reply-To: <5B3B92BC-BD58-4FA3-B6BD-16BA74A8D944@mail.sermon-archive.info>
References:  <1550339000372-0.post@n6.nabble.com> <20190216185344.95cb4ec3.freebsd@edvax.de> <1550341736004-0.post@n6.nabble.com> <ED59A34B-1AAA-46F1-81E1-4127ABD5C875@bsdops.com> <1550345837921-0.post@n6.nabble.com> <1550472991548-0.post@n6.nabble.com> <5B3B92BC-BD58-4FA3-B6BD-16BA74A8D944@mail.sermon-archive.info>

next in thread | previous in thread | raw e-mail | index | archive | help


On the referenced URL, they are suggesting to use netstat -anp , which is
not applicable to FreeBSD (parameter -p is not valid). Also, they suggesting
to use ps.


My process listing (only the executables, using
ps axuw | awk '{print $11}' | sort |uniq:

-csh
[audit]
[bufdaemon]
[bufspacedaemon]
[cam]
[crypto
[crypto]
[geom]
[idle]
[intr]
[kernel]
[pagedaemon]
[pagezero]
[rand_harvestq]
[sctp_iterator]
[soaiod1]
[soaiod2]
[soaiod3]
[soaiod4]
[syncer]
[usb]
[vmdaemon]
[vnlru]
/sbin/devd
/sbin/init
/sbin/natd
/usr/libexec/getty
/usr/local/bin/3proxy
/usr/local/bin/perl
/usr/local/bin/php-cgi
/usr/local/bin/portsentry
/usr/local/bin/python2.7
/usr/local/bin/rtorrent
/usr/local/bin/screen
/usr/local/sbin/arpwatch
/usr/local/sbin/fcgiwrap
/usr/local/sbin/nmbd
/usr/local/sbin/openvpn
/usr/local/sbin/smartd
/usr/local/sbin/smbd
/usr/local/sbin/winbindd
/usr/sbin/blacklistd
/usr/sbin/cron
/usr/sbin/inetd
/usr/sbin/mountd
/usr/sbin/rpc.lockd
/usr/sbin/rpc.statd
/usr/sbin/rpcbind
/usr/sbin/rtsold
/usr/sbin/syslogd
/usr/sbin/unbound
adjkerntz
awk
bash
daemon:
diskcheckd:
nfscbd:
nfsd:
nginx:
ps
sendmail:
sort
sshd:
sudo
tcpdump
tcpdump:
uniq



My kldstat
 1   37 0xffffffff80200000 20647c8  kernel
 2    1 0xffffffff82266000 2d40     coretemp.ko
 3    1 0xffffffff82421000 6fc4     tmpfs.ko
 4    1 0xffffffff82428000 41f0     linprocfs.ko
 5    2 0xffffffff8242d000 2d28     linux_common.ko
 6    1 0xffffffff82430000 195c     linsysfs.ko
 7    4 0xffffffff82432000 20198    ipfw.ko
 8    1 0xffffffff82453000 24a0     if_tap.ko
 9    1 0xffffffff82456000 107a0    dummynet.ko
10    1 0xffffffff82467000 13f0     ipdivert.ko
11    1 0xffffffff82469000 21b0     ipfw_nat.ko
12    1 0xffffffff8246c000 a4f2     libalias.ko



and for ICPS I see that everything is empty:

# ipcs
Message Queues:
T           ID          KEY MODE        OWNER    GROUP

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP

Semaphores:
T           ID          KEY MODE        OWNER    GROUP



# ipcs  -y
Message Queues:
T           ID          KEY MODE        OWNER    GROUP

Shared Memory:
T           ID          KEY MODE        OWNER    GROUP

Semaphores:
T           ID          KEY MODE        OWNER    GROUP


#


Also I mounted procfs on proc (# mount -t procfs proc /proc) and search for
600 but I did not find anything useful ( grep -R '600' * |&less ).




I am open to suggestions...I have not reboot the machine yet.
By the way I see that I have two unknown listening ports 600/tcp6 and
601/tcp4 .

tcpdump has not shown any traffic yet to these ports.





--
Sent from: http://freebsd.1045724.x6.nabble.com/freebsd-questions-f3696945.html



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1550498717617-0.post>