On 12/27/2010 9:30 AM, S Mathias wrote: > I can see, that theres a program that keeps sending packets on port 25: > > Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 > DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP > SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 > DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853 DF PROTO=TCP > SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:04 a kernel: [ 6355.641085] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 > DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55854 DF PROTO=TCP > SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > Dec 27 14:12:10 a kernel: [ 6361.649059] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 > DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55855 DF PROTO=TCP > SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 > > but where or how could i find out, that what process sends these packets?
On FreeBSD, take a look at the audit subsystem http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html ---Mike _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
