From owner-freebsd-questions  Tue May 23 20:23:55 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.utexas.edu (wb1-a.mail.utexas.edu [128.83.126.134])
	by hub.freebsd.org (Postfix) with SMTP id 132E737BB69
	for <freebsd-questions@FreeBSD.ORG>; Tue, 23 May 2000 20:23:38 -0700 (PDT)
	(envelope-from oscars@mail.utexas.edu)
Received: (qmail 18283 invoked by uid 0); 24 May 2000 03:23:28 -0000
Received: from dhcp-199-210.dsl.utexas.edu (HELO oscar-dsl) (128.83.199.210)
  by umbs-smtp-1 with SMTP; 24 May 2000 03:23:28 -0000
Message-Id: <4.2.2.20000523221706.00a9d600@mail.utexas.edu>
X-Sender: oscars@mail.utexas.edu
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 
Date: Tue, 23 May 2000 22:19:57 -0500
To: freebsd-questions@FreeBSD.ORG
From: Oscar Ricardo Silva <oscars@mail.utexas.edu>
Subject: Re: Port 722 ?
In-Reply-To: <4.2.2.20000523190214.00a976c0@mail.utexas.edu>
References: <20000523193534.A57347@ecto.greenpeas.org>
 <Pine.BSF.4.21.0005231624110.29966-100000@web2.sea.nwserv.com>
 <4.2.2.20000523180523.00a8f680@mail.utexas.edu>
 <Pine.BSF.4.21.0005231624110.29966-100000@web2.sea.nwserv.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

And just to clarify, I had installed SSH 1.2.27 but had never seen port 722 
open.  Before this, I only had ssh (port 22) and smtp (port 25) running.



At 07:04 PM 5/23/00 -0500, Oscar Ricardo Silva, you wrote:
>Thanks to Dave Kirchner and Alan Clegg for the incredibly fast and 
>completely useful responses.  Using both methods, I found out this:
>
>amanda# /usr/local/sbin/lsof -i TCP:722
>COMMAND PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
>sshd1   143 root    3u  IPv6 0xcb8e7940      0t0  TCP *:722
>sshd1   143 root    5u  IPv4 0xcb8e7720      0t0  TCP *:722 (LISTEN)
>
>Now the question is, where the hell did this come from?  I hadn't seen 
>this before and I thought I'd checked my machine.
>
>
>Oscar
>
>At 07:35 PM 5/23/00 -0400, Alan Clegg, you wrote:
>>Out of the ether, David Kirchner spewed forth the following bitstream:
>>
>> > An easy way to find out what an unknown port is:
>> >
>> > First run 'netstat -aAn | grep LISTEN | grep \.portnum'. The -A flag will
>> > display the address for the socket. You can then figure out which process
>> > is using that address by running 'fstat | grep address':
>> >
>> > dpk@web2:/home/dpk$ netstat -aAn | grep LISTEN | grep \.25
>> > c6400180 tcp        0      0 *.25                  *.*   LISTEN
>> > dpk@web2:/home/dpk$ fstat | grep c6400180
>> > root     sendmail   94903    4* internet stream tcp c6400180
>>
>>Easier way:
>>
>>         lsof -i TCP:_portnum_
>>
>>ecto 101} /usr/local/sbin/lsof -i TCP:25
>>COMMAND   PID   USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
>>tcpserver 381 qmaild    3u  IPv4 0xc735c500      0t0  TCP *:smtp (LISTEN)
>>
>>lsof from ports, btw...
>>
>>AlanC
>>--
>>                                       \             Alan B. Clegg
>>          Just because I can            \          abc@firehouse.net
>>         does not mean I will.           \     <http://www.firehouse.net/>
>>                                          \
>
>
>
>
>"Don't believe the hype"
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message




"Don't believe the hype"



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message