<div>So I am surprised there isn't a well-known, defined path for when something inside your machine is trying to communicate outside without your permission. I have no idea what this is, trying to reach out to some guy's home machine in Chicago, but it can't be good. The only thing that's stopping him is Shorewall. <br><br></div>
<div>Is it that everyone else has all outgoing ports open, and are completely unaware of such attempts?<br><br></div> <div>I don't understand why netcat does not pick up these outgoing attempts to 3333 when I set it to watch. It has proven completely blind when I get waves of them, as has Wireshark. Are netcat and Wireshark not listening for both source and destination port traffic? Here is my command:<br></div> <div>netstat -cantup | grep 3333 <br><br> </div> <div>Of course my intent and my purpose would be to trace these outgoing attempts to a process number or name in my machine, at the most basic, so I could know whether this is a cron job or daemon, much less how I got it. This seems like the very first and most basic step to take in a case like this, but it seems I am doing New Science. It seems my only option at this point is to wipe and completely reinstall the OS. How I got infected is a mystery, as is how to prevent it from happening again, other than learning everything about SELinux.<br><br> </div> <div>There has got to be a better way. <br><br> </div> Shorewall-users mailing list https://lists.sourceforge.net/lists/listinfo/shorewall-users
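An added example, not part of the original message: one way on Linux to tie an outgoing attempt to port 3333 back to a process is to read the kernel socket table (the `/proc/net/tcp` format), keep entries whose remote port is 3333, and match the socket inode against the `/proc/<pid>/fd` links. The sample table is constructed, and the function names `sockets_to_port` and `owners` are assumptions of this example; it handles IPv4 only.

```python
import glob, os, socket, struct

# Constructed sample in /proc/net/tcp format (documentation-range addresses).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0000000000000000 100 0 0 10 0
   1: 0A00A8C0:9C40 0A0200C0:0D05 02 00000001:00000000 01:00000064 00000002  1000        0 22222 2 0000000000000000 400 0 0 1 7
   2: 0A00A8C0:8A3C 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 33333 1 0000000000000000 20 4 30 10 -1
"""
STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "0A": "LISTEN"}

def _addr(hexpair):
    ip_hex, port_hex = hexpair.split(":")
    # The kernel prints IPv4 as a host-order u32; assumes a little-endian host.
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def sockets_to_port(table_text, port):
    """Return every socket in the table whose remote port equals `port`."""
    hits = []
    for line in table_text.splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) < 10:
            continue
        rip, rport = _addr(f[2])
        if rport != port:
            continue
        lip, lport = _addr(f[1])
        hits.append({"local": f"{lip}:{lport}", "remote": f"{rip}:{rport}",
                     "state": STATES.get(f[3], f[3]), "uid": int(f[7]), "inode": int(f[9])})
    return hits

def owners(inode, proc="/proc"):
    """(pid, name) of processes holding the socket inode; run as root to see all."""
    target, found = f"socket:[{inode}]", []
    for fd in glob.glob(f"{proc}/[0-9]*/fd/*"):
        try:
            if os.readlink(fd) == target:
                pid = fd.split("/")[-3]
                with open(f"{proc}/{pid}/comm") as fh:
                    found.append((int(pid), fh.read().strip()))
        except OSError:
            continue                              # process exited or access denied
    return found

if __name__ == "__main__":
    # On a live host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for s in sockets_to_port(SAMPLE, 3333):
        print(s, owners(s["inode"]))
```

The `uid` column alone already says which account opened the socket, even when the owning process has exited before the `/proc/<pid>/fd` scan runs.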
