I have also seen as many as 30 established connections when I only had "two" Chromium browsers open.
I just opened one (just one) Chromium browser to Yahoo dot com and I see the following netstat -a report with 19 established
connections and I wonder why so many "established" when I only opened one browser?!
root@Microknoppix:/home/knoppix# netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 Microknoppix:ipp *:* LISTEN
tcp 243 0 Microknoppix:33956 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:45502 69.25.24.26:https ESTABLISHED
tcp 0 0 Microknoppix:36332 mia07s35-in-f99.1:https ESTABLISHED
tcp 0 0 Microknoppix:35411 l1.ycs.vip.dxs.ya:https ESTABLISHED
tcp 0 0 Microknoppix:40574 ir2.fp.vip.ne1.ya:https ESTABLISHED
tcp 0 0 Microknoppix:56689 ok-in-f147.1e100.:https ESTABLISHED
tcp 0 0 Microknoppix:41777 mia07s26-in-f2.1e:https ESTABLISHED
tcp 0 0 Microknoppix:36537 adtechus-ssp-ums-:https CLOSE_WAIT
tcp 0 0 Microknoppix:33957 mpr2.ngd.vip.bf1.:https TIME_WAIT
tcp 0 0 Microknoppix:58497 mia07s25-in-f110.:https ESTABLISHED
tcp 0 0 Microknoppix:54188 pr-east.pbp.vip.b:https CLOSE_WAIT
tcp 0 0 Microknoppix:40678 24.143.206.211:https ESTABLISHED
tcp 0 0 Microknoppix:40829 mia07s25-in-f10.1:https ESTABLISHED
tcp 1 0 Microknoppix:49830 66.230.183.3:https CLOSE_WAIT
tcp 0 0 Microknoppix:37140 yts2.yql.vip.gq1.:https ESTABLISHED
tcp 0 0 Microknoppix:58527 mia07s25-in-f110.:https ESTABLISHED
tcp 0 0 Microknoppix:33951 mpr2.ngd.vip.bf1.:https TIME_WAIT
tcp 243 0 Microknoppix:33954 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:36329 mia07s35-in-f99.1:https ESTABLISHED
tcp 0 0 Microknoppix:33950 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:54522 r5.ycpi.vip.dxs.y:https ESTABLISHED
tcp 243 0 Microknoppix:33955 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:48394 mia07s24-in-f10.1:https ESTABLISHED
tcp 0 0 Microknoppix:47713 r2.ycpi.vip.gq1.y:https ESTABLISHED
tcp 0 0 Microknoppix:33953 mpr2.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:59580 beap-csc.adx.vip.:https TIME_WAIT
tcp 0 0 Microknoppix:57079 mia07s27-in-f3.1e:https ESTABLISHED
tcp 0 0 Microknoppix:45538 mia07s35-in-f14.1:https ESTABLISHED
tcp 0 0 Microknoppix:41450 yk-in-f95.1e100.n:https ESTABLISHED
tcp 0 0 Microknoppix:42308 mpr1.ngd.vip.bf1.:https CLOSE_WAIT
tcp 0 0 Microknoppix:33850 a104-73-27-225.de:https ESTABLISHED
tcp 1 0 Microknoppix:37126 72.21.91.29:http CLOSE_WAIT
tcp6 0 0 localhost:ipp [::]:* LISTEN
udp 0 0 *:bootpc *:*
udp 0 0 *:mdns *:*
udp 0 0 *:18817 *:*
udp6 0 0 [::]:44157 [::]:*
raw6 0 0 [::]:ipv6-icmp [::]:*
I have also seen as many as 30 established connections when I only had "two" Chromium browsers open.
Sorry for the unsolicited thinking aloud. I thought at first that may be this is because Chromium has no script protection included. Tested with my version in Knoppix 7.2.0. My system has just the desired ports and protocols open. Could you check in ksysguard please?
here is the shell, and when I type ksysguard and click the Enter key, the command-line interface shows the following:
knoppix@Microknoppix:~$ ksysguard Got bus address: "unix:abstract=/tmp/dbus-UUqLI7jxMD,guid=5c851277612407c7ac463ea0557906f2" Connected to accessibility bus at: "unix:abstract=/tmp/dbus-UUqLI7jxMD,guid=5c851277612407c7ac463ea0557906f2" Registered DEC: true Registered event listener change listener: true QSpiAccessible::accessibleEvent not handled: "8008" obj: QObject(0x0) " invalid interface!" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x82ad968, name = "file") "file" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x82ad968, name = "file") "file" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832a888, name = "view") "view" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832a888, name = "view") "view" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832b1f0, name = "settings") "settings" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832b1f0, name = "settings") "settings" QSpiAccessible::accessibleEvent not handled: "6" obj: KMenu(0x832bc78, name = "help") "help" QSpiAccessible::accessibleEvent not handled: "7" obj: KMenu(0x832bc78, name = "help") "help" QSpiAccessible::accessibleEvent not handled: "6" obj: QMenu(0x828d5a8 "" QSpiAccessible::accessibleEvent not handled: "7" obj: QMenu(0x828d5a8 >>>>>>>>>
Plus 156 more consecutive lines, following continuously, that all look exactly the same and read exactly like this:
QSpiAccessible::accessibleEvent not handled: "8008" obj: QObject(0x0) " invalid interface!"
I have never used ksysguard before you introduced it to me today. The GUI for ksysguard is also available for me to see and ksysguard has now become my next favorite enjoyment. I did not understand all of the stdout after I typed ksysguard but I wanted to include it here for you to see. I respect and admire your help! (I used 1024x768 resolution)
-----
Little format by mod
Formatting suggestions:
Use double "new line" for new section.
You can use the "Go Advanced" button to have more abilities to format the posting; before sending your posting use "Preview" to see how it looks like.
If "noscript" (within Iceweasel/Firefox) is active for http://knoppix.net/forum/ disable it for this website; otherwise you cannot use the format abilities. Do not use Chrome/Chromium!
Below the editor area is the "Additional Options" area. With "Attachments → Manage Attachments" you can upload images and after this insert them in your posting.
Last edited by Werner P. Schulz; 06-11-2015 at 07:52 AM.
Don't you worry about the terminal values. You must focus on ksysguard GUI. First, run chromium.
First check which ports are open, and take a note.
check if you have ad blocker and noscript processes running.
Then in ksysguard find the processes that has those ports open and try to correspond them with processes running in ksysguard.
If not running (ad... and noscript), you add them immediately in chromium. Watch netstat. Close chromium. Wait.
After that again run chromium.
Watch netstat.
Next, find the processes that has those ports open and try to correspond them with processes running in ksysguard.
See if those questionable ports are open now.
This is far better done in multi-terminal using top, watch, and some judiciously chosen codes. If you come from Unix there will be an enormous added advantage.
Well, I can't write all the brainwaves coming in right now. But in time, with experience, you will understand blocking the irregular ports. And, CAUTION: Don't even play with ksysguard until you understand its workings. Otherwise, you are likely to crash your system. Just Observe, that's all!
And please, format your texts, otherwise it is very difficult for members (definitely for me) to differentiate your texts from the terminal API outputs.
There is one really benevolent person here who is watching. He will take note and, if he thinks, he will intervene and if required, will even format your posts. There are really some nice people here. Try to help them help you.
Last edited by rajibando; 06-11-2015 at 07:41 AM.
I got it this time.
Screenshot from 2015-06-11 04:11:20.png
First, post whether you know Unix/'Linux CLI'.
You won't find unless you use grep in CLI. Then make a script with 'do while' to call nmap every 500 millisecond with sleep. Then you will see what is changing in real time.
I guess you know, but if you are not from unix background, then use gnome-nettool.
No direct process name, but the two info can be correlated. Find which ports are used for what purposes. You will understand.
- I know that command-line interface involves
typing Linux commands in a shell and clicking the "Enter" key after typing the command; I like this way of making things happen in Linux.- I have used Knoppix since version 3.1 in 2003.
- gnome-nettool is becoming very flattering and I am using it now since you suggested it. It's great!
- With the information that you have sent to me, I will have plenty of learning to keep me busy for a considerable amount of time in the time that follows the present time.
- Blessings
- Bye now, and Cheers! Thanks!
Last edited by buymystock; 06-11-2015 at 10:14 AM. Reason: clairification
So you don't write scripts? You had better! I had given you a wonderful clue which you couldn't grasp
I would now request you to please stop jumping from one query to another and plain- and simply observe.
And as the mod said, stop using chromium. It is not a Debian/Standard Linux tool. It is a google tool, and is imperfect. Better use Firefox directly.
Best, use Iceweasel. It is a Debian finish.
Last, but not the least, please request the moderator to delete your multi-posts no. 6, 7 & 8. It is not required but shall confuse newbies.
And post your understanding, realisation with lot of explanations, here, so that future users can learn from your experience. Please don't hide your findings.
With lot of empathy, respect, and equality
Last edited by rajibando; 06-11-2015 at 10:17 AM.
ASUS B150M-C Motherboard mATX LGA1151 w/Intel i3-6100 CPU DDR4 SATA HDMI Tested
$45.00
ASROCK H110M-HDV LGA1151 DDR4 Intel H110 Micro ATX Motherboard Tested Working
$39.90
ASUS H110I-PLUS LGA1151 Desktop Motherboard Intel H110 Mini-ITX W/IO
$39.90
ASUS Q170M-C Motherboard LGA1151 with IO Shield
$39.95
ASUS - PRIME B450M-A II (Socket AM4) AMD B450 microATX DDR4 Motherboard - Black
$69.99
GIGABYTE B550 UD AC ATX Motherboard AMD Socket AM4 DDR4 HDMI WIFI USB 3.2 SATA
$74.99
MSI MPG B550 GAMING PLUS AM4 AMD B550 PCIe 4.0 ATX Motherboard
$94.99
Asus PRIME A320M-K AMD Socket AM4 DDR4 Desktop Motherboard
$49.99
ASUS B85M-E LGA1150 Socket B85 8GB DDR3 Desktop Motherboard w I/O Shield
$41.99
Gigabyte M-ATX motherboard with Intel Core i3 8100 CPU and 8GB DDR4 RAM
$79.00