Unsolicited services and connections
by oswerks from LinuxQuestions.org on (#53244)
Greetings. I've been using Linux desktop for a while, but I am still very new to it. So help is much appreciated.
Reason for the question is:
I went to an "alternative-to-youtube" website and while on it, iftop showed a connection from my computer's port 2811 to a website I was visiting, and it sent around 100 packets to a website-related IP (Cloudflare).
I have a decent iptables setup, with quite a number of system ports blocked, and this type of FTP (2811) called GridFTP is something I missed. I missed it since I do not have any "grid computing" programs installed. Unless it comes with the Linux kernel?
I tried to locate any port 2811 related (gsiftp) programs and checked my packages, but there was nothing there.
So maybe a proper reason for a question would be: how come a service that is not running, and is not available on my desktop, did initiate this connection?
Also, is there any magical Linux program that can monitor when a network connection is established/attempted and record details of who, when and how many packets/bytes?
(Edit: is there any that can log it to a text file...)

