Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ESTABLISHED web process??
Special Forums IP Networking ESTABLISHED web process?? Post 302550897 by melodysneed on Sunday 28th of August 2011 12:51:57 PM
Old 08-28-2011
Data ESTABLISHED web process??
I put lsof -i -P -n into the terminal and this is the output. I believe i am being hacked??

Code:
lsof -i -P -n
COMMAND    PID        USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
SystemUIS 1578 melodysneed    9u  IPv4 0x07d608ec      0t0  UDP *:*
SystemUIS 1578 melodysneed   11u  IPv4 0x0ba68810      0t0  UDP *:*
WebProces 2141 melodysneed    7u  IPv4 0x0c550748      0t0  TCP 192.168.1.71:51015->74.125.67.17:443 (ESTABLISHED)
WebProces 2141 melodysneed   11u  IPv4 0x049f7ee8      0t0  TCP 192.168.1.71:50706->207.46.232.182:80 (ESTABLISHED)

Last edited by pludi; 08-28-2011 at 05:43 PM..
 

9 More Discussions You Might Find Interesting

1. Programming

C Prog to close a socket in established state

I have a SUN environment running an WebLogic that communicates w/a 3rd party running IIS. When the IIS site goes down (frequently), I am stuck with sockets in an ESTABLISHED state, and cannot seem to figure out how to avoid this. No exceptions are thrown as I can still open connections to the IIS... (1 Reply)
Discussion started by: teledelux
1 Replies

2. IP Networking

Sniffing an established port

Hi All, On a solaris box A port B in which port B is established and receiving data. My question is how do i listen on that established port , how can i get the data received at box A: port B through my application I had searched the forum for the same, but i am unable to retrieve the... (5 Replies)
Discussion started by: matrixmadhan
5 Replies

3. HP-UX

[HP-UX] Established ports although LAN is disconnected.

Hi, I have a few questions. There is a CORBA connection between 2 HP-UX 11.11i hosts. Then the LAN of the 2nd host is pulled. On the 1st host all connections disappear, as expected. But on the 2nd host all connections still are present, as established. With lsof one can see that the... (2 Replies)
Discussion started by: ejdv
2 Replies

4. Solaris

How to kill the TCP ESTABLISHED connection in netstat

Hello, Actually there are some bugs in application which does not close the TCP connection to other server though CORBA. We need to kill that ESTABLISHED connections as new connection are not happeneing as the allocated ports were used and showing as ESTABLISHED Is there any... (4 Replies)
Discussion started by: GIC1986
4 Replies

5. Solaris

Established connections causing lag?

I'm not to sure how to go about this questions, so I will just ask it and then get criticized. How many Established connections should a V440 be able to support? (4 Replies)
Discussion started by: adelsin
4 Replies

6. Shell Programming and Scripting

Function to kill the established rsh session

HI I know that it sounds crazy :eek: appreciated if any one provided me a solution for my below case , the below script is checking the Database availability on many servers by establishing rsh session ( one by one ) , sometime one of the servers goes down and while this the script taking... (0 Replies)
Discussion started by: bejo4ever
0 Replies

7. Red Hat

Help: Find established conn source

Hi Friends, On one of my server which having direct connection to internet without firewall ..am seeing a established connection with SSH .. am not getting how ..there no login but I can see this established connection . ## have hidden original IPs with below notations for security concerns .... (0 Replies)
Discussion started by: Shirishlnx
0 Replies

8. AIX

AIX firewall accept established connection

I'm trying to configure a firewall for AIX to accept incoming connections on ports 22 and 443 and deny everything else. All is ok; the server accepts connections only on 22 and 443, but after that I also need to accept all outgoing connections -- ssh and telnet, for example. So I started with ... (0 Replies)
Discussion started by: Michael1457
0 Replies

9. UNIX for Advanced & Expert Users

30 tcp connections Established for a while and after a few minutes are close

Good morning, I need your help please After Restarting Aps or connection, these are connections tcp 0 0 10.80.1.26.57597 10.81.248.79.53008 ESTABLISHED tcp 0 47 10.80.1.26.57607 10.81.248.79.53008 ESTABLISHED tcp 0 0 ... (4 Replies)
Discussion started by: alexcol
4 Replies

LEARN ABOUT DEBIAN

paranoid::network

Paranoid::Network(3pm)					User Contributed Perl Documentation				    Paranoid::Network(3pm)

NAME

       Paranoid::Network - Network functions for paranoid programs

VERSION

       $Id: Network.pm,v 0.68 2012/05/29 21:38:19 acorliss Exp $

SYNOPSIS

	 use Paranoid::Network;

	 $rv  = ipInNetwork($ip, @networks);
	 $rv  = hostInDomain($host, @domains);
	 @ips = extractIP($string1, $string2);
	 $rv = netIntersect( $cidr1, $cidr2 );

DESCRIPTION

       This modules contains functions that may be useful for network operations.  IPv6 is supported out of the box starting with Perl 5.14.
       Earlier versions of Perl will require Socket6(3) installed as well.  If it is available this module will use it automatically.

SUBROUTINES
/METHODS
   ipInNetwork
	 $rv = ipInNetwork($ip, @networks);

       This function checks the passed IP against each of the networks or IPs in the list and returns true if there's a match.	The list of
       networks can be either individual IP address or network addresses in CIDR notation or with full netmasks:

	 @networks = qw(127.0.0.1
			192.168.0.0/24
			172.16.12.0/255.255.240.0);

       IPv6 is supported if the Socket6(3) module is installed or you're running Perl 5.14 or higher.  This routine will select the appropriate
       address family based on the IP you're testing and filter out the opposing address family in the list.

       NOTE:  IPv4 addresses encoded as IPv6 addresses, e.g.:

	 ::ffff:192.168.0.5

       are supported, however an IP address submitted in this format as the IP to test for will be converted to a pure IPv4 address and compared
       only against the IPv4 networks.	This is meant as a convenience to the developer supporting dual-stack systems to avoid having to list IPv4
       networks in the array twice like so:

	 ::ffff:192.168.0.0/120, 192.168.0.0/24

       Just list IPv4 as IPv4, IPv6 as IPv6, and this routine will convert IPv6-encoded IPv4 addresses automatically.  This would make the
       following test return a true value:

	 ipInNetwork( '::ffff:192.168.0.5', '192.168.0.0/24' );

       but

	 ipInNetwork( '::ffff:192.168.0.5', '::ffff:192.168.0.0/120' );

       return a false value.  This may seem counter intuitive, but it simplifies things in (my alternate) reality.

       Please note that this automatic conversion only applies to the IP argument, not to any member of the network array.

   hostInDomain
	 $rv = hostInDomain($host, @domains);

       This function checks the passed hostname (fully qualified) against each of the domains in the list and returns true if there's a match.
       None of the domains should have the preceding '.' (i.e., 'foo.com' rather than '.foo.com').

   extractIPs
	   @ips = extractIP($string1, $string2);

       This function extracts IP addresses from arbitrary text.  If you have Socket6(3) installed or running Perl 5.14 or higher it will extract
       IPv6 addresses as well as IPv4 addresses.  This extracts only IP addresses, not network addresses in CIDR or dotted octet notation.  In the
       case of the latter the netmask will be extracted as an additional address.

       NOTE: in the interest of performance this function does only rough regex extraction of IP-looking candidates, then runs them through
       inet_aton (for IPv4) and inet_pton (for IPv6) to see if they successfully convert.  Even with the overhead of Paranoid (with debugging and
       loadModule calls for Socket6 and what-not) it seems that this is an order of a magnitude faster than doing a pure regex extraction &
       validation of IPv6 addresses.

       NOTE: Like the ipInNetwork function we filter out IPv4 addresses encoded as IPv6 addresses since that address is already returned as a pure
       IPv4 address.

   netIntersect
	 $rv = netIntersect( $cidr1, $cidr2 );

       This function is an IPv4/IPv6 agnostic wrapper for the ipv{4,6}NetIntersect functions provided by Paranoid::Network::IPv{4,6} modules.  The
       return value from which ever function called is passed on directly.  Passing this function non-IP or undefined values simply returns a
       zero.

DEPENDENCIES

       o   Paranoid

       o   Paranoid::Network::Socket

       o   Paranoid::Network::IPv4

       o   Paranoid::Network::IPv6

BUGS AND LIMITATIONS

AUTHOR

       Arthur Corliss (corliss@digitalmages.com)

LICENSE AND COPYRIGHT

       This software is licensed under the same terms as Perl, itself.	Please see http://dev.perl.org/licenses/ for more information.

       (c) 2005, Arthur Corliss (corliss@digitalmages.com)

perl v5.14.2							    2012-05-29						    Paranoid::Network(3pm)
All times are GMT -4. The time now is 06:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy