Jeff D wrote:
On Fri, 24 Jul 2009, AG wrote:
I was going through the hardinfo application and when I got to "IP
connections" I noticed the following connections have the "Established" status
using TCP and both on port 443 (SSL and HTTPS).
One of these connections is to 71.62.0.176 (which doesn't seem to have a
listing in the whois database that means anything) and 88.169.124.190 which
points to http://www.proxad.net according to whois
What applications could I have on my machine that would establish tcp
connections with either of these using ssl/https?
Also, although I was under the impression that the portmap service was not
enabled at boot up, it would appear that it is running in the background. I
recall that portmap used to be a security risk, but is this still the case and
should I be concerned?
Thanks
AG
One handy tool to have is lsof. You can use that to see what applications
are talking to what IP. For example:
lsof -...@71.62.0.176 -n
will show you what applications are communicating with the ip. You can
also specify certain ports if you like, to trim down the results like so:
lsof -...@71.62.0.176:443
or to just see ports:
lsof -i:443
also, If you dint need portmap, the best solution is to just disable it.
No sense in running unneeded apps.
Hth,
Jeff
It certainly does, Jeff. Thank you.
AG
