Israel Garcia > wrote:
>> server:~# netstat -tulp
>> Active Internet connections (only servers)
>> Proto Recv-Q Send-Q Local Address Foreign Address State
>> PID/Program name
>> tcp 0 0 *:mysql *:* LISTEN
>> 14399/mysqld
>> tcp 0 0 s
On Sat, Sep 19, 2009 at 3:50 AM, Israel Garcia wrote:
> netstat output:
>
> server:~# netstat -tulp
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 *:mysql
netstat output:
server:~# netstat -tulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp0 0 *:mysql *:*
LISTEN 14399/mysqld
tcp0 0 server.domain.:www
Hi,
On Sun, Nov 11, 2007 at 06:34:12AM -0600, Hugo Vanwoerkom wrote:
> John Hasler wrote:
>> Robert Hodgins writes:
>>> Gibosn's site scans the first 1056 ports.
>>
>> By default. It will scan them all if you tell it to.
>
> That's a good hint!
> I get:
> You are from Oaxaca De Juárez, 20, in th
Adam Hardy wrote:
One routine check that I do on my webserver to check it's OK is
netstat, and this time it looks like I was under attack from some
muppet out there via what seems to be a brute force attempt to crack
my ssh login.
(We're all seeing this all the time.)
Trying to understand th
Hugo writes:
> You are from Oaxaca De Juárez, 20, in the MX, with an ip of
> xxx.xx.xxx.xxx Do I care that that is public info?
If you do you better get off the Net. He's guessing the location from the
IP, which is in every packet you send.
--
John Hasler
John Hasler wrote:
Robert Hodgins writes:
Gibosn's site scans the first 1056 ports.
By default. It will scan them all if you tell it to.
That's a good hint!
I get:
You are from Oaxaca De Juárez, 20, in the MX, with an ip of xxx.xx.xxx.xxx
Do I care that that is public info?
Hugo
--
To UN
Robert Hodgins writes:
> Gibosn's site scans the first 1056 ports.
By default. It will scan them all if you tell it to.
--
John Hasler
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> That would be Steve Gibsons's site, that I've often used.
> http://www.grc.com
Gibosn's site scans the first 1056 ports. This site
(http://www.auditmypc.com/firewall-test.asp) scans up to 65535.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
Nigel writes:
> That would be Steve Gibsons's site, that I've often used.
> http://www.grc.com
That's a convenient way to run nmap remotely but don't pay attention to his
advice about security.
--
John Hasler
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Troub
On Saturday 10 November 2007 22:40, Gabriel Parrondo wrote:
> El sáb, 10-11-2007 a las 12:46 +, Adam Hardy escribió:
> [...]
>
> > I can't see anything running on the server now that might be using those
> > ports, but then if it's rootkitted, I wouldn't would I? Is there a
> > website out ther
On 11/10/2007 04:40 PM, Gabriel Parrondo wrote:
> El sáb, 10-11-2007 a las 12:46 +, Adam Hardy escribió:
> [...]
>> I can't see anything running on the server now that might be using those
>> ports, but then if it's rootkitted, I wouldn't would I? Is there a
>> website out there that I can us
El sáb, 10-11-2007 a las 12:46 +, Adam Hardy escribió:
[...]
>
> I can't see anything running on the server now that might be using those
> ports, but then if it's rootkitted, I wouldn't would I? Is there a
> website out there that I can use from outside my firewall which I can
> get a good
On Saturday 10 November 2007 04:46, Adam Hardy wrote:
> One routine check that I do on my webserver to check it's OK is netstat,
> and this time it looks like I was under attack from some muppet out
> there via what seems to be a brute force attempt to crack my ssh login.
>
> Trying to understand t
One routine check that I do on my webserver to check it's OK is netstat,
and this time it looks like I was under attack from some muppet out
there via what seems to be a brute force attempt to crack my ssh login.
Trying to understand the info, what is the foreign address - is that the
attacker
Adam Hardy wrote:
Is this some brute force dictionary attack in progress on my webserver?
The full foreign address is zns551-ga01a.us.yokogawa.com.
Those nasty people in Yokogawa!
Original Message
Date: Thu, 22 Dec 2005 05:00:07 + (GMT)
Active Internet connections (serve
Is this some brute force dictionary attack in progress on my webserver?
The full foreign address is zns551-ga01a.us.yokogawa.com.
Those nasty people in Yokogawa!
Original Message
Date: Thu, 22 Dec 2005 05:00:07 + (GMT)
Active Internet connections (servers and established)
On Sun, May 07, 2000 at 01:20:35AM -0700, Eric G . Miller wrote:
>
> Those would be the port numbers methinks. If I'm not mistaken, it'd be
> typical to establish a connection to a web server on port 80, but the
> data transfers would go over a high port. Otherwise you'd only be able
> to have one
On Sun, May 07, 2000 at 01:06:42AM -0700, t s a d i wrote:
> hello everyone !
>
> when i do _~$ netstat_ on my web server, i get the ff:
>
>
> bangus:~$ netstat
> Active Internet connections (w/o servers)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State
> tcp
hello everyone !
when i do _~$ netstat_ on my web server, i get the ff:
bangus:~$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address
State
tcp0 39595 bangus.myphilippine:www ME21-66.i-manila.c:1520
ESTABLISHED
tcp
Subject: understanding netstat output
Date: Tue, Jul 27, 1999 at 01:14:02PM +0800
In reply to:Chad A. Adlawan
Quoting Chad A. Adlawan([EMAIL PROTECTED]):
> hello all,
>
> can someone please tell me what they all mean ? or maybe direct me to docs
> that i could
>Active UNIX domain sockets (w/o servers)
>Proto RefCnt Flags Type State I-Node Path
>unix 2 [ ] STREAM 824491 /tmp/.X11-unix/X0
>unix 2 [ ] STREAM CONNECTED 824490
>unix 2 [ ] STREAM 824228
1054
>
> can someone please tell me what they all mean ? or maybe direct me to docs
> that i could read so that ill know what they are.
> TIA,
> Chad
The list of streams you get in the netstat output is showing you what
hello all,
when i invoke netstat, i get the following :
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] STREAM 824491 /tmp/.X11-unix/X0
unix 2 [ ] STREAM CONNECTED 824490
unix
24 matches
Mail list logo
