I have also seen as many as 30 established connections when I only had "two" Chromium browsers open.
I just opened one (just one) Chromium browser to Yahoo dot com and I see the following netstat -a report with 19 established
connections and I wonder why so many "established" when I only opened one browser?!
root@Microknoppix:/home/knoppix# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 Microknoppix:ipp *:* LISTEN
tcp 243 0 Microknoppix:33956 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:45502 69.25.24.26:https ESTABLISHED
tcp 0 0 Microknoppix:36332 mia07s35-in-f99.1:https ESTABLISHED
tcp 0 0 Microknoppix:35411 l1.ycs.vip.dxs.ya:https ESTABLISHED
tcp 0 0 Microknoppix:40574 ir2.fp.vip.ne1.ya:https ESTABLISHED
tcp 0 0 Microknoppix:56689 ok-in-f147.1e100.:https ESTABLISHED
tcp 0 0 Microknoppix:41777 mia07s26-in-f2.1e:https ESTABLISHED
tcp 0 0 Microknoppix:36537 adtechus-ssp-ums-:https CLOSE_WAIT
tcp 0 0 Microknoppix:33957 mpr2.ngd.vip.bf1.:https TIME_WAIT
tcp 0 0 Microknoppix:58497 mia07s25-in-f110.:https ESTABLISHED
tcp 0 0 Microknoppix:54188 pr-east.pbp.vip.b:https CLOSE_WAIT
tcp 0 0 Microknoppix:40678 24.143.206.211:https ESTABLISHED
tcp 0 0 Microknoppix:40829 mia07s25-in-f10.1:https ESTABLISHED
tcp 1 0 Microknoppix:49830 66.230.183.3:https CLOSE_WAIT
tcp 0 0 Microknoppix:37140 yts2.yql.vip.gq1.:https ESTABLISHED
tcp 0 0 Microknoppix:58527 mia07s25-in-f110.:https ESTABLISHED
tcp 0 0 Microknoppix:33951 mpr2.ngd.vip.bf1.:https TIME_WAIT
tcp 243 0 Microknoppix:33954 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:36329 mia07s35-in-f99.1:https ESTABLISHED
tcp 0 0 Microknoppix:33950 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:54522 r5.ycpi.vip.dxs.y:https ESTABLISHED
tcp 243 0 Microknoppix:33955 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:48394 mia07s24-in-f10.1:https ESTABLISHED
tcp 0 0 Microknoppix:47713 r2.ycpi.vip.gq1.y:https ESTABLISHED
tcp 0 0 Microknoppix:33953 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:59580 beap-csc.adx.vip.:https TIME_WAIT
tcp 0 0 Microknoppix:57079 mia07s27-in-f3.1e:https ESTABLISHED
tcp 0 0 Microknoppix:45538 mia07s35-in-f14.1:https ESTABLISHED
tcp 0 0 Microknoppix:41450 yk-in-f95.1e100.n:https ESTABLISHED
tcp 0 0 Microknoppix:42308 mpr1.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:33850 a104-73-27-225.de:https ESTABLISHED
tcp 1 0 Microknoppix:37126 72.21.91.29:http CLOSE_WAIT
tcp6 0 0 localhost:ipp [::]:* LISTEN
udp 0 0 *:bootpc *:*
udp 0 0 *:mdns *:*
udp 0 0 *:18817 *:*
udp6 0 0 [::]:44157 [::]:*
raw6 0 0 [::]:ipv6-icmp [::]:*
I have also seen as many as 30 established connections when I only had "two" Chromium browsers open.
Sorry for the unsolicited thinking aloud. I thought at first that may be this is because Chromium has no script protection included. Tested with my version in Knoppix 7.2.0. My system has just the desired ports and protocols open. Could you check in ksysguard please?
here is the shell, and when I type ksysguard and click the Enter key, the command-line interface shows the following:
knoppix@Microknoppix:~$ ksysguard Got bus address: "unix:abstract=/tmp/dbus-UUqLI7jxMD,guid=5c851277612407c7ac463ea0557906f2" Connected to accessibility bus at: "unix:abstract=/tmp/dbus-UUqLI7jxMD,guid=5c851277612407c7ac463ea0557906f2" Registered DEC: true Registered event listener change listener: true QSpiAccessible::accessibleEvent not handled: "8008" obj: QObject(0x0) " invalid interface!" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x82ad968, name = "file") "file" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x82ad968, name = "file") "file" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832a888, name = "view") "view" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832a888, name = "view") "view" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832b1f0, name = "settings") "settings" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832b1f0, name = "settings") "settings" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832bc78, name = "help") "help" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832bc78, name = "help") "help" QSpiAccessible::accessibleEvent not handled: "6" obj: QMenu(0x828d5a8 "" QSpiAccessible::accessibleEvent not handled: "7" obj: QMenu(0x828d5a8 >>>>>>>>>
Plus 156 more consecutive lines, following continuously, that all look exactly the same and read exactly like this:
QSpiAccessible::accessibleEvent not handled: "8008" obj: QObject(0x0) " invalid interface!"
I have never used ksysguard before you introduced it to me today. The GUI for ksysguard is also available for me to see and ksysguard has now become my next favorite enjoyment. I did not understand all of the stdout after I typed ksysguard but I wanted to include it here for you to see. I respect and admire your help! (I used 1024x768 resolution)
-----
Little format by mod
Formatting suggestions:
Use double "new line" for new section.
You can use the "Go Advanced" button to have more abilities to format the posting; before sending your posting use "Preview" to see how it looks like.
If "noscript" (within Iceweasel/Firefox) is active for http://knoppix.net/forum/ disable it for this website; otherwise you cannot use the format abilities. Do not use Chrome/Chromium!
Below the editor area is the "Additional Options" area. With "Attachments → Manage Attachments" you can upload images and after this insert them in your posting.
Last edited by Werner P. Schulz; 06-11-2015 at 07:52 AM.
Don't you worry about the terminal values. You must focus on ksysguard GUI. First, run chromium.
First check which ports are open, and take a note.
check if you have ad blocker and noscript processes running.
Then in ksysguard find the processes that has those ports open and try to correspond them with processes running in ksysguard.
If not running (ad... and noscript), you add them immediately in chromium. Watch netstat. Close chromium. Wait.
After that again run chromium.
Watch netstat.
Next, find the processes that has those ports open and try to correspond them with processes running in ksysguard.
See if those questionable ports are open now.
This is far better done in multi-terminal using top, watch, and some judiciously chosen codes. If you come from Unix there will be an enormous added advantage.
Well, I can't write all the brainwaves coming in right now. But in time, with experience, you will understand blocking the irregular ports. And, CAUTION: Don't even play with ksysguard until you understand its workings. Otherwise, you are likely to crash your system. Just Observe, that's all!
And please, format your texts, otherwise it is very difficult for members (definitely for me) to differentiate your texts from the terminal API outputs.
There is one really benevolent person here who is watching. He will take note and, if he thinks, he will intervene and if required, will even format your posts. There are really some nice people here. Try to help them help you.
Last edited by rajibando; 06-11-2015 at 07:41 AM.
I got it this time.
Screenshot from 2015-06-11 04:11:20.png
First, post whether you know Unix/'Linux CLI'.
You won't find unless you use grep in CLI. Then make a script with 'do while' to call nmap every 500 millisecond with sleep. Then you will see what is changing in real time.
I guess you know, but if you are not from unix background, then use gnome-nettool.
No direct process name, but the two info can be correlated. Find which ports are used for what purposes. You will understand.
- I know that command-line interface involves
typing Linux commands in a shell and clicking the "Enter" key after typing the command; I like this way of making things happen in Linux.- I have used Knoppix since version 3.1 in 2003.
- gnome-nettool is becoming very flattering and I am using it now since you suggested it. It's great!
- With the information that you have sent to me, I will have plenty of learning to keep me busy for a considerable amount of time in the time that follows the present time.
- Blessings
- Bye now, and Cheers! Thanks!
Last edited by buymystock; 06-11-2015 at 10:14 AM. Reason: clairification
So you don't write scripts? You had better! I had given you a wonderful clue which you couldn't grasp
I would now request you to please stop jumping from one query to another and plain- and simply observe.
And as the mod said, stop using chromium. It is not a Debian/Standard Linux tool. It is a google tool, and is imperfect. Better use Firefox directly.
Best, use Iceweasel. It is a Debian finish.
Last, but not the least, please request the moderator to delete your multi-posts no. 6, 7 & 8. It is not required but shall confuse newbies.
And post your understanding, realisation with lot of explanations, here, so that future users can learn from your experience. Please don't hide your findings.
With lot of empathy, respect, and equality
Last edited by rajibando; 06-11-2015 at 10:17 AM.
Supermicro 6028R-E1CR24N 24x LFF- Wholesale Build Your Own Storage Server
$249.99
Dell PowerEdge R730XD Server 2x E5-2640 V3 -16 Cores H730 32GB RAM 4x RJ45
$256.99
Dell R640 1U server 128Gb DDR4 2x 8160 Platinum = 48 Cores 96 threads H730p CTO
$399.00
Dell R640 8x 2.5" SFF Server iDRAC ENT - Wholesale Custom Build Your Server
$269.99
Dell PowerEdge R630 Server 2x E5-2640v3 2.60Ghz 16-Core 64GB H330
$195.00
2U 12 Bay SAS3 SuperMicro Server 6028U-TR4T+ W/ X10DRU-i+ Barebone 12 Caddy RAIL
$199.00
Dell PowerEdge R630 Server 2x E5-2690v3 2.60Ghz 24-Core 128GB H330 Rails
$288.85
SuperMicro 4U 24 Bay LFF CSE-848XA-R3240B Barebone Server Chassis
$299.00
1U Server (6-8 VM's) Vsphere VPS Short Depth 20" XEON 3.5Ghz 32GB RAM X10SLM-F
$135.00
DELL POWEREDGE R630 8 x 2.5'' 2X E5-2680V4 32GB RAM IDRAC ENT & NDC 2X 495W PSU
$174.95