I rebooted, and did a few netstat's and an iftop while the workstation was "quiet". I pasted output from 2 netstat runs into a text file.
I paused the iftop display many times to grab line pairs of interest, and pasted those into the text file that has the netstat runs.
The text file is attached.Most of the entries in the iftop display involve comcast, my internet service provider. Quite a few unexpected addresses also show up in iftop. A few questions come to mind...
A few years ago, I saw in the system journal numerous log-in attempts by outsiders from all over the world, and opened a thread about that. Now such attempts are blocked by the firewall. If an outsider tries to communicate with my workstation, and the firewall blocks the attempt, will the attempt show up in the network activity panel of ksysguard? Will that attempt show up in the iftop display?
Bill.
bash.4[~]: netstat -atuevp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 coyote:domain 0.0.0.0:* LISTEN root 31188 1084/dnsmasq
tcp 0 0 0.0.0.0:ipp 0.0.0.0:* LISTEN root 22447 947/cupsd
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN root 39031 1680/sendmail: acce
tcp6 0 0 [::]:ipp [::]:* LISTEN root 22448 947/cupsd
udp 0 0 0.0.0.0:mdns 0.0.0.0:* avahi 22058 748/avahi-daemon: r
udp 0 0 coyote:domain 0.0.0.0:* root 31187 1084/dnsmasq
udp 0 0 0.0.0.0:bootps 0.0.0.0:* root 31184 1084/dnsmasq
udp 0 0 c-98-245-12-4.hs:bootpc denv01dhcp-ho-02:bootps ESTABLISHED root 29795 862/NetworkManager
udp 0 0 localhost:323 0.0.0.0:* root 25199 763/chronyd
udp 0 0 0.0.0.0:58501 0.0.0.0:* avahi 22060 748/avahi-daemon: r
udp6 0 0 [::]:mdns [::]:* avahi 22059 748/avahi-daemon: r
udp6 0 0 localhost:323 [::]:* root 25200 763/chronyd
udp6 0 0 coyote:dhcpv6-client [::]:* root 30632 862/NetworkManager
udp6 0 0 [::]:33746 [::]:* avahi 22061 748/avahi-daemon: r
bash.5[~]: netstat -atuevp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 coyote:domain 0.0.0.0:* LISTEN root 31188 1084/dnsmasq
tcp 0 0 0.0.0.0:ipp 0.0.0.0:* LISTEN root 22447 947/cupsd
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN root 39031 1680/sendmail: acce
tcp6 0 0 [::]:ipp [::]:* LISTEN root 22448 947/cupsd
udp 0 0 0.0.0.0:mdns 0.0.0.0:* avahi 22058 748/avahi-daemon: r
udp 0 0 coyote:domain 0.0.0.0:* root 31187 1084/dnsmasq
udp 0 0 0.0.0.0:bootps 0.0.0.0:* root 31184 1084/dnsmasq
udp 0 0 c-98-245-12-4.hs:bootpc denv01dhcp-ho-02:bootps ESTABLISHED root 29795 862/NetworkManager
udp 0 0 localhost:323 0.0.0.0:* root 25199 763/chronyd
udp 0 0 0.0.0.0:58501 0.0.0.0:* avahi 22060 748/avahi-daemon: r
udp6 0 0 [::]:mdns [::]:* avahi 22059 748/avahi-daemon: r
udp6 0 0 localhost:323 [::]:* root 25200 763/chronyd
udp6 0 0 coyote:dhcpv6-client [::]:* root 30632 862/NetworkManager
udp6 0 0 [::]:33746 [::]:* avahi 22061 748/avahi-daemon: r
bash.6[~]:
-----
some captured iftop lines
-----
c-98-245-12-4.hsd1.co.comcast.net => 172.86.179.85 0b 0b 15b
<= 0b 0b 15b
c-98-245-12-4.hsd1.co.comcast.net => aksdefk.cn 0b 0b 15b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => ns570281.ip-51-161-12.net 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 167.71.161.95 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => HOST.DNANUTRITIONCENTER.ORG 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 45.129.33.180 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 78.171.35.99.dynamic.ttnet.com.tr 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 99-104-170-138.lightspeed.lsvlky.sbcglobal.net 0b 0b 15b
<= 0b 0b 15b
c-98-245-12-4.hsd1.co.comcast.net => sarasvati.sattvik.com 0b 0b 15b
<= 0b 0b 15b
c-98-245-12-4.hsd1.co.comcast.net => 80.82.68.29 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 31.20.97.83.ro.ovo.sc 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => 121.23.133.254 272b 54b 14b
<= 184b 37b 9b
coyote => proxy09.fedoraproject.org 0b 426b 107b
<= 0b 625b 156b
c-98-245-12-4.hsd1.co.comcast.net => proxy13-rdu02.fedoraproject.org 0b 0b 83b
<= 0b 0b 136b
c-98-245-12-4.hsd1.co.comcast.net => scanner-01.ch1.censys-scanner.com 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => zg-0915b-89.stretchoid.com 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 138.99.216.104 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => 31.184.215.57 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => scanner.openportstats.com 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => ec2-13-229-78-217.ap-southeast-1.compute.amazonaws.com 0b 32b 8b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => 96.120.119.53 0b 0b 0b
<= 0b 0b 150b
c-98-245-12-4.hsd1.co.comcast.net => www.arbor-observatory.com 0b 0b 0b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => zg-0915a-345.stretchoid.com 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => 203.166.213.199 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => scan-02a.shadowserver.org 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => worker-01.sfj.censys-scanner.com 0b 0b 14b
<= 0b 0b 9b
c-98-245-12-4.hsd1.co.comcast.net => ip-113-42.4vendeta.com 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => no-mans-land.m247.com 0b 54b 14b
<= 0b 37b 9b
c-98-245-12-4.hsd1.co.comcast.net => 109x194x3x165.static-customer.bryansk.ertelecom.ru 0b 54b 14b
<= 0b 37b 9b
-----
some ip address first fields
-----
31
45
78
80
96
99
121
138
152
167
172
197
203
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
