[sf-lug] internet interlopers
Alex Kleider
alex at kleico.net
Mon Jul 16 21:08:47 PDT 2007
first thanks to all who have taken the time to help me in the past: most recently Jim Stockford and Michael Paoli.
I've done some configuring so that inspite of having a dynamically allocated IP address, I'm able from any internet connection to ssh to my linux box which sits behind a DSL modem and a Linksys Router. The problem is that others have established connections and although I haven't been aware of any harm being done, clearly these connections shouldn't be there.
The process on my computer (host name is belmont) that seems to be making the connection (port) is called linx so I assume this is the kernel itself. If this is true my solution can't be to turn off the process!
Has anyone any ideas what I should do?
I include the relevant output of the netstat command run with and without -np.
(this is how I discovered the interlopers!) thanks in advance...
.......... $ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 belmont:1027 irc3.easynews.com:6665 ESTABLISHED
tcp 0 0 belmont:3377 irc3.easynews.com:6665 ESTABLISHED
tcp 0 0 belmont:3725 yui.desync.com:ircd ESTABLISHED
tcp 0 1 belmont:2533 64.161.255.201:6668 SYN_SENT
tcp 0 0 belmont:4609 irc3.easynews.com:6665 ESTABLISHED
tcp 0 0 belmont:2871 yui.desync.com:ircd ESTABLISHED
...... # netstat -pn
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.1.152:1027 69.16.172.40:6665 ESTABLISHED9870/linux
tcp 0 1 192.168.1.152:2376 194.109.20.90:6667 SYN_SENT 9870/linux
tcp 0 0 192.168.1.152:3377 69.16.172.40:6665 ESTABLISHED18509/linux
tcp 0 0 192.168.1.152:3725 64.157.15.117:6667 ESTABLISHED9870/linux
tcp 0 0 192.168.1.152:4609 69.16.172.40:6665 ESTABLISHED18509/linux
tcp 0 0 192.168.1.152:2871 64.157.15.117:6667 ESTABLISHED18509/linux
More information about the sf-lug
mailing list