(on Mon, 2020-11-30 at 18:37 +0000, Tim wrote)
> ...you really want to do something like "netstat -atuevp" to see
what, where,
> and who is involved in network traffic.
(on Mon, 2020-11-30 at 21:03 +0000, Ed Greshko wrote)
> Along with watching the output of wireshark, you should run "netstat
-atuevp"
> and see what connections are "established".
I tried that as root after seeing Tim's suggestion. I saw nothing
useful in the output, so I did not post it. My apologies for that.
I've re-ran it now as root. The output is attached.
I've installed wireshark. The man page is thousands of lines long. Is
there a good beginner-level tutorial for that?!
-bash.5[~]: netstat -atuevp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 coyote:domain 0.0.0.0:* LISTEN root 26606 1120/dnsmasq
tcp 0 0 0.0.0.0:ipp 0.0.0.0:* LISTEN root 26595 951/cupsd
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN root 53238 2772/sendmail: acce
tcp 0 0 c-98-245-12-4.hsd:37216 ec2-54-200-0-167.:https ESTABLISHED weilian.eng 460303 129664/firefox
tcp 0 0 c-98-245-12-4.hsd:32814 sky200-1.mail.vip:imaps ESTABLISHED weilian.eng 640556 2775/thunderbird
tcp 0 0 c-98-245-12-4.hsd:32818 sky200-1.mail.vip:imaps ESTABLISHED weilian.eng 640558 2775/thunderbird
tcp 0 0 c-98-245-12-4.hsd:32802 sky200-1.mail.vip:imaps ESTABLISHED weilian.eng 638896 2775/thunderbird
tcp 0 0 c-98-245-12-4.hsd:32806 sky200-1.mail.vip:imaps ESTABLISHED weilian.eng 643222 2775/thunderbird
tcp 1 0 c-98-245-12-4.hsd:32798 sky200-1.mail.vip:imaps CLOSE_WAIT weilian.eng 638822 2775/thunderbird
tcp6 0 0 [::]:ipp [::]:* LISTEN root 26596 951/cupsd
tcp6 0 0 coyote:41038 2001:558:fc18:1:f:imaps ESTABLISHED weilian.eng 602695 2775/thunderbird
tcp6 0 0 coyote:60142 2001:558:fc18:2:f:imaps ESTABLISHED weilian.eng 57549 2775/thunderbird
udp 0 0 coyote:domain 0.0.0.0:* root 26605 1120/dnsmasq
udp 0 0 0.0.0.0:bootps 0.0.0.0:* root 26602 1120/dnsmasq
udp 0 0 c-98-245-12-4.hs:bootpc denv01dhcp-ho-02:bootps ESTABLISHED root 627585 860/NetworkManager
udp 0 0 localhost:323 0.0.0.0:* root 27721 797/chronyd
udp 0 0 0.0.0.0:36321 0.0.0.0:* avahi 27152 752/avahi-daemon: r
udp 0 0 0.0.0.0:mdns 0.0.0.0:* avahi 27150 752/avahi-daemon: r
udp6 0 0 [::]:56849 [::]:* avahi 27153 752/avahi-daemon: r
udp6 0 0 localhost:323 [::]:* root 27722 797/chronyd
udp6 0 0 coyote:dhcpv6-client [::]:* root 53067 860/NetworkManager
udp6 0 0 [::]:mdns [::]:* avahi 27151 752/avahi-daemon: r
-bash.6[~]:
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx