Board index Linux Networking

How to find out application that send outs packets on certain port

How to find out application that send outs packets on certain port

Post by Andreas Morode » Thu, 12 Sep 2002 18:35:09



Hello,

our firewall tells me that a machine is trying to send out packets on 2
different ports every 5 to 10 minutes.
Is there a easy way to find out the application that sends this packets ?

Thank you
Andreas

 
 
 
Top

How to find out application that send outs packets on certain port

Post by Magnus Mage » Thu, 12 Sep 2002 18:50:51



> Hello,

> our firewall tells me that a machine is trying to send out packets on 2
> different ports every 5 to 10 minutes.
> Is there a easy way to find out the application that sends this packets ?

> Thank you
> Andreas

Is it a machine of your local net?

Magnus

 
 
 
Top

How to find out application that send outs packets on certain port

Post by Andreas Morode » Thu, 12 Sep 2002 19:41:05


Hello Magnus,

it's a local machine that tries to contact an external address over the
ports 137 and 415. 137 is SMB an I have samba running, but I don't know
why it tries to go out so I anna find out the exact process that sends
the pakets ( It's not shure that it is samba that send them as long I
don't find the pid ). The other port is 451, also a SMB over IP port,
but the samba version I have installed does not support this port, so I
need to know who sends.

My machine is a Suse 7.2 with 2.4.18 Kernel

Bye
Andreas

Magnus Mager schrieb:


>>Hello,

>>our firewall tells me that a machine is trying to send out packets on 2
>>different ports every 5 to 10 minutes.
>>Is there a easy way to find out the application that sends this packets ?

>>Thank you
>>Andreas

> Is it a machine of your local net?

> Magnus

 
 
 
Top

How to find out application that send outs packets on certain port

Post by Magnus Mage » Thu, 12 Sep 2002 20:55:51



> Hello Magnus,

> it's a local machine that tries to contact an external address over the
> ports 137 and 415. 137 is SMB an I have samba running, but I don't know
> why it tries to go out so I anna find out the exact process that sends
> the pakets ( It's not shure that it is samba that send them as long I
> don't find the pid ). The other port is 451, also a SMB over IP port,
> but the samba version I have installed does not support this port, so I
> need to know who sends.

> My machine is a Suse 7.2 with 2.4.18 Kernel

> Bye
> Andreas

> Magnus Mager schrieb:

>>>Hello,

>>>our firewall tells me that a machine is trying to send out packets on 2
>>>different ports every 5 to 10 minutes.
>>>Is there a easy way to find out the application that sends this packets ?

>>>Thank you
>>>Andreas

>> Is it a machine of your local net?

>> Magnus

You should try "netstat --tcp -p" on that host in the hope, that the port
is hold open by the program. But I suppose you've tried this already...

Magnus

 
 
 
Top

How to find out application that send outs packets on certain port

Post by Andreas Morode » Fri, 13 Sep 2002 16:01:18


Hello Magnus,

thank you for your help,

I have found the culprit, it is nmbd , the samba wins-server.
Now I will ask the samba newsgroup fro help

Bye
Andreas Moroder

Magnus Mager schrieb:


>>Hello Magnus,

>>it's a local machine that tries to contact an external address over the
>>ports 137 and 415. 137 is SMB an I have samba running, but I don't know
>>why it tries to go out so I anna find out the exact process that sends
>>the pakets ( It's not shure that it is samba that send them as long I
>>don't find the pid ). The other port is 451, also a SMB over IP port,
>>but the samba version I have installed does not support this port, so I
>>need to know who sends.

>>My machine is a Suse 7.2 with 2.4.18 Kernel

>>Bye
>>Andreas

>>Magnus Mager schrieb:


>>>>Hello,

>>>>our firewall tells me that a machine is trying to send out packets on 2
>>>>different ports every 5 to 10 minutes.
>>>>Is there a easy way to find out the application that sends this packets ?

>>>>Thank you
>>>>Andreas

>>>Is it a machine of your local net?

>>>Magnus

> You should try "netstat --tcp -p" on that host in the hope, that the port
> is hold open by the program. But I suppose you've tried this already...

> Magnus

 
 
 
Top

1. Help RAN 16 Port Pin outs

We have a RAN 16 port with the typical 10 pin setup. I was
looking to connect some terminals and modems up to this by putting
together some cables. I had the IBM tech out here and he said he didnt
know what signals were on which pins. He had a couple of diagrams but
most were either wrong or had the transmit line on pin 1. This would
mean you had to have a ten pin connector instead of the usual 8 pin
RJ45. Does anyone have the correct pin outs for this device? Please

                                                Thanks in advance

2. cannot launch apps when kppp is connected to ISP

3. Pin outs for parallel port zip drive cable?

4. How to move one Linux system to new hardware?

5. Keeping Track of my Login/outs?csh script

6. BackupEDGE performance with Conner/Archive DAT

7. Modem lock outs

8. plug 'n' play devices?

9. Can apache/stronghold log when a user 'click outs' of your site?

10. Phony Rev Outs Himself was: Aliyah...

11. Removing banner pages from print outs

12. More page outs than page ins?

13. fix VIA Rhine time outs (some)


All times are UTC
Board index