Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Senior Coder
    Join Date
    Dec 2005
    Location
    Slovenia
    Posts
    1,960
    Thanks
    120
    Thanked 76 Times in 76 Posts

    linux uncontroled connection out

    this is from firestarter:


    the red lines are my concern,hanging there for days. They are not initialited by me.

    Can this be harmful in any way, coz it is out, they can't get in at any port except 80, coz all the rest are closed, or limited to me only.

    How to investegate that ? And don't tell me to look at man of netstat and lsof command, give me more details please.

    Thanks.
    Found a flower or bug and don't know what it is ?
    agrozoo.net galery
    if you don't spot search button at once, there is search form:
    agrozoo.net galery search

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,278
    Thanks
    4
    Thanked 83 Times in 82 Posts
    What red lines?
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    Senior Coder
    Join Date
    Dec 2005
    Location
    Slovenia
    Posts
    1,960
    Thanks
    120
    Thanked 76 Times in 76 Posts
    the lines where 'my ip' text is red. Some process is connecting out, and I don't know what it is doing, and not started by me as far as I know.
    Found a flower or bug and don't know what it is ?
    agrozoo.net galery
    if you don't spot search button at once, there is search form:
    agrozoo.net galery search

  • #4
    Regular Coder primefalcon's Avatar
    Join Date
    Aug 2008
    Location
    /home/primefalcon/
    Posts
    678
    Thanks
    8
    Thanked 39 Times in 39 Posts
    Quote Originally Posted by BubikolRamios View Post
    the lines where 'my ip' text is red. Some process is connecting out, and I don't know what it is doing, and not started by me as far as I know.
    I did a whois on that IP and got this

    Code:
    % This is the RIPE Database query service.
    % The objects are in RPSL format.
    %
    % The RIPE Database is subject to Terms and Conditions.
    % See http://www.ripe.net/db/support/db-terms-conditions.pdf
    
    % Note: This output has been filtered.
    %       To receive output for a database update, use the "-B" flag.
    
    % Information related to '213.229.216.0 - 213.229.223.255'
    
    inetnum:        213.229.216.0 - 213.229.223.255
    netname:        MOBITEL-GPRS
    descr:          IP`s for Mobitel`s users
    country:        SI
    admin-c:        MR4575-RIPE
    tech-c:         MR4575-RIPE
    status:         ASSIGNED PA
    remarks:        INFRA-AW
    mnt-by:         MOBITEL_M-RIPE
    mnt-routes:     MOBITEL_M-RIPE
    remarks:        --------------------------------------------------------------
    remarks:        Please send abuse & spam notification only to abuse@mobitel.si
    remarks:        --------------------------------------------------------------
    source:         RIPE # Filtered
    
    role:           Mobitel RIPE Admins
    address:        Mobitel d.d.
                    Vilharjeva 23
                    1000 Ljubljana
                    SI Slovenia
    admin-c:        MK7115-RIPE
    admin-c:        INIT9-RIPE
    tech-c:         MK7115-RIPE
    tech-c:         INIT9-RIPE
    nic-hdl:        MR4575-RIPE
    abuse-mailbox:  abuse@mobitel.si
    source:         RIPE # Filtered
    
    % Information related to '213.229.192.0/18AS29276'
    
    route:          213.229.192.0/18
    descr:          Mobitel d.d., PA Block
    descr:          IP`s for Mobitel`s users
    origin:         AS29276
    mnt-routes:     MOBITEL_M-RIPE
    mnt-by:         MOBITEL_M-RIPE
    mnt-lower:      MOBITEL_M-RIPE
    source:         RIPE # Filtered
    
    % Information related to '213.229.192.0/19AS29276'
    
    route:          213.229.192.0/19
    descr:          Mobitel d.d. 213.229.192.0/19
    descr:          IP`s for Mobitel`s users
    origin:         AS29276
    mnt-by:         MOBITEL_M-RIPE
    mnt-lower:      MOBITEL_M-RIPE
    source:         RIPE # Filtered
    does that mean anything to you?

  • #5
    Senior Coder
    Join Date
    Dec 2005
    Location
    Slovenia
    Posts
    1,960
    Thanks
    120
    Thanked 76 Times in 76 Posts
    Nothing. Blocked that ip for outbound traffic for now. The prob is that there are one or two dynamic ip-s that are behaving similar ....
    Found a flower or bug and don't know what it is ?
    agrozoo.net galery
    if you don't spot search button at once, there is search form:
    agrozoo.net galery search


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •