Re: [nslu2-general] Re: Network Activity
- Well - you might do:
1. Identify current TCP connections
Run "netstat -tn" to list all TCP connection with IP and port numbers. If
none seem suspicious (IPs ouside your range), it is unlikely that anyone
are currently connected to your slug. This is you primary (and fastest)
way of testing for suspicious activity (try without the "n" option to
resolve names of IPs and ports).
2. If you found suspicious connnections in (1), look for the application
holding this connection. Install lsof (using ipkg or apt-get depending on
OS) and run:
lsof -n | grep TCP
lsof -n | grep UDP
to see all applications, the connections they use and the ports they
listen on. This will also let you look for unsanctioned services listening
on TCP/UDP ports.
And... even though it may not sound helpful: *don't worry too much* Life
is stressful enough without making paranoia part of daily life.