Date: Mon, 19 Jan 2009 10:44:12 -0800 From: Doug Hardie <bc979@lafn.org> To: freebsd-questions@freebsd.org Subject: Port 7070 Message-ID: <8904C35C-EDFE-419D-989E-84F20A364DD4@lafn.org>
next in thread | raw e-mail | index | archive | help
I just ran a netcat (nc -z) on my production servers and found an unusual response: Connection to xxxx 7070 port [tcp/arcp] succeeded! I checked on all my production and test servers (7.0 stable as of quite some time ago) and got the same response. I can't figure out why that port is open. It always returns a reset when a connection is opened. netstat -an does not return any 7070 entries. sockstat does not show any 7070 entries. There is no 7070 entry in /etc/services. ktrace of inetd shows nothing. tcpdump on the server shows the SYN and RST packets only. tcpdump on the client machine shows a complete TCP negotiation completion followed by a termination. The client is going across the internet. Running the client on a machine on the servers LAN shows that the port is not open. And tcpdump from both shows only a SYN followed by a RST. This indicates that some router between the original client and the servers is accepting the connection and then forwarding it on. This doesn't happen on other ports (although there may be a couple others I haven't chased down yet though). The only router we have in the path is a Cisco 2501 running a 2000 vintage IOS with nothing like that in its configuration. Its a simple pass everything through setup. Any ideas what is happening here?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8904C35C-EDFE-419D-989E-84F20A364DD4>