$netstat -a
Hello All
I ran $netstat -a on one of my machines and got the following
******************* output of netstat -a *********************************
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:auth *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
raw 0 0 *:icmp *:* 7
raw 0 0 *:tcp *:* 7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 0 [ ACC ] STREAM LISTENING 11142 /dev/log
unix 0 [ ACC ] STREAM LISTENING 65 /dev/gpmctl
unix 1 [ ] STREAM CONNECTED 52 @00000001
unix 1 [ ] STREAM CONNECTED 79 @00000003
unix 1 [ ] STREAM CONNECTED 80 /dev/log
unix 1 [ ] STREAM CONNECTED 53 /dev/log
**************************************************************************
I was interested if anyone knew what the lines
raw 0 0 *:icmp *:* 7
raw 0 0 *:tcp *:* 7
mean.
I have read that it means that a program such as portsentry, ippl or iplogger
is running on the system. In other words there is some program listening for
raw ICMP (protocol 1) and TCP (proto 6) packets coming from any remote address
to any local address.
I have no such programs. The closest I have to any of these is tcpdump.
But I seen other systems with tcpdump and netstat -a doesn't give this output.
Can anyone explain say how I would find out which program is listening for
raw icmp/tcp packets.
TIA.
t.irvine
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: