Cannot identify process of listening port 600/tcp6
BBlister
bblister at gmail.com
Sat Feb 16 17:43:28 UTC 2019
Dear,
I am trying to identify what process is listening on port 600/tcp6.
I have tried:
# lsof -n -P | grep :600
#
--nothing
# sockstat -a | grep :600
? ? ? ? tcp6 *:600 *:*
# netstat -an | grep 600
tcp6 0 0 *.600 *.* LISTEN
I can connect to this port, but I receive no output to my commands:
# telnet ::1 600
Trying ::1...
Connected to localhost.
Escape character is '^]'.
help
?
test
My uname:
# uname -a
FreeBSD XXX 11.2-RELEASE-p8 FreeBSD 11.2-RELEASE-p8 #0: Tue Jan 8 21:35:12
UTC 2019 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC
amd64
# kldstat
Id Refs Address Size Name
1 37 0xffffffff80200000 20647c8 kernel
2 1 0xffffffff82266000 2d40 coretemp.ko
3 1 0xffffffff82421000 6fc4 tmpfs.ko
4 1 0xffffffff82428000 41f0 linprocfs.ko
5 2 0xffffffff8242d000 2d28 linux_common.ko
6 1 0xffffffff82430000 195c linsysfs.ko
7 4 0xffffffff82432000 20198 ipfw.ko
8 1 0xffffffff82453000 24a0 if_tap.ko
9 1 0xffffffff82456000 107a0 dummynet.ko
10 1 0xffffffff82467000 13f0 ipdivert.ko
11 1 0xffffffff82469000 21b0 ipfw_nat.ko
12 1 0xffffffff8246c000 a4f2 libalias.ko
Perhaps this is a kernel module, but which? Is this a strange rootkit? I did
not reboot the machine, because I would like to locate the offending process
first. This box runs nginx and rtorrent.
Thanks!
--
Sent from: http://freebsd.1045724.x6.nabble.com/freebsd-questions-f3696945.html
More information about the freebsd-questions
mailing list