Tema: Resultados de netstat "raros"
Ver Mensaje Individual
  #1 (permalink)  
Antiguo 15/01/2014, 10:28
Avatar de DooBie
DooBie
 
Fecha de Ingreso: septiembre-2004
Mensajes: 1.101
Antigüedad: 20 años, 1 mes
Puntos: 71
Resultados de netstat "raros"
Hola gente, hace un tiempo que hemos cambiado de servidor y haciendo un 'netstat -puntal' me salen estos datos:

Cita:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 824/mysqld
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6198/apache2
tcp 0 0 127.0.0.1:10001 0.0.0.0:* LISTEN 1305/sw-cp-serverd
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 1041/master
tcp 0 0 260.260.260.260:53 0.0.0.0:* LISTEN 31314/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 31314/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 31314/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1041/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 6198/apache2
tcp 0 0 127.0.0.1:12768 0.0.0.0:* LISTEN 922/psa-pc-remote
tcp 0 0 0.0.0.0:22022 0.0.0.0:* LISTEN 703/sshd
tcp 0 0 127.0.0.1:59412 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50410 TIME_WAIT -
tcp 0 0 127.0.0.1:59428 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59421 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50401 TIME_WAIT -
tcp 0 0 127.0.0.1:59413 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59406 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59437 ESTABLISHED 824/mysqld
tcp 0 0 127.0.0.1:59437 127.0.0.1:3306 ESTABLISHED 14258/apache2
tcp 0 0 127.0.0.1:59424 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:40544 TIME_WAIT -
tcp 0 0 127.0.0.1:59420 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59408 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50104 FIN_WAIT2 -
tcp 0 0 127.0.0.1:59415 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:49657 ESTABLISHED 13794/apache2
tcp 0 0 127.0.0.1:59423 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59399 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59410 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59434 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50412 ESTABLISHED 13931/apache2
tcp 0 0 127.0.0.1:59433 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59435 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50406 TIME_WAIT -
tcp 0 0 127.0.0.1:59419 127.0.0.1:3306 TIME_WAIT -
tcp 0 5424 260.260.260.260:22022 ???.???.???.???:38411 ESTABLISHED 13963/sshd: usuario [p
tcp 0 0 127.0.0.1:59407 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59401 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59405 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59402 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50409 FIN_WAIT2 -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59430 TIME_WAIT -
tcp 0 0 127.0.0.1:59426 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50108 ESTABLISHED 14258/apache2
tcp 0 0 260.260.260.260:80 ???.???.???.???:50402 TIME_WAIT -
tcp 0 0 127.0.0.1:59429 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59416 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59418 TIME_WAIT -
tcp 0 0 127.0.0.1:59417 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:59400 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59432 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59422 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59404 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59414 TIME_WAIT -
tcp 0 0 127.0.0.1:3306 127.0.0.1:59403 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:50408 TIME_WAIT -
tcp 0 0 127.0.0.1:59431 127.0.0.1:3306 TIME_WAIT -
tcp 0 0 260.260.260.260:80 ???.???.???.???:38325 TIME_WAIT -
tcp 0 0 127.0.0.1:59436 127.0.0.1:3306 TIME_WAIT -
tcp6 0 0 :::106 :::* LISTEN 772/xinetd
tcp6 0 0 :::110 :::* LISTEN 876/couriertcpd
tcp6 0 0 :::143 :::* LISTEN 855/couriertcpd
tcp6 0 0 :::465 :::* LISTEN 1041/master
tcp6 0 0 :::53 :::* LISTEN 31314/named
tcp6 0 0 :::888 :::* LISTEN 1305/sw-cp-serverd
tcp6 0 0 :::3448 :::* LISTEN 1305/sw-cp-serverd
tcp6 0 0 :::25 :::* LISTEN 1041/master
tcp6 0 0 :::21021 :::* LISTEN 772/xinetd
tcp6 0 0 :::993 :::* LISTEN 866/couriertcpd
tcp6 0 0 :::995 :::* LISTEN 886/couriertcpd
tcp6 0 0 :::22022 :::* LISTEN 703/sshd
tcp6 0 0 260.260.260.260:110 ???.???.???.???:52503 TIME_WAIT -
tcp6 0 0 260.260.260.260:110 ???.???.???.???:52502 TIME_WAIT -
udp 0 0 260.260.260.260:123 0.0.0.0:* 1651/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1651/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1651/ntpd
udp 0 0 127.0.0.1:161 0.0.0.0:* 1493/snmpd
udp 0 0 0.0.0.0:57789 0.0.0.0:* 1493/snmpd
udp 0 0 260.260.260.260:53 0.0.0.0:* 31314/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 31314/named
udp6 0 0 ::1:123 :::* 1651/ntpd
udp6 0 0 fe80::216:3eff:fe8c:123 :::* 1651/ntpd
udp6 0 0 :::123 :::* 1651/ntpd
udp6 0 0 :::53 :::* 31314/named
Decir que en el servidor esta instalado ssh, ftp, mysql, http, https, ntp, dns, smtp, imap, courier y plesk (creo que no me dejo ninguno), de ahí la cantidad de puertos abiertos, lo que no entiendo es que mysql tenga tantas escuchas en TIME_WAIT, significa eso una mala configuracion de mysql o una mala programacion de la web?