wired outputs in nethogs [closed]
I have sometimes wired outputs in nethogs stats:
? root 192.168.1.100:42608-81.21.119.76:18725
or
? root unknown TCP
there is always 192.168.1.100 (my PC address in network) and then "random" port and destination with port, what can it be?
networking
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
closed as too broad by G-Man, Rui F Ribeiro, Thomas, Jeff Schaller, Isaac Jan 19 at 21:18
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
I have sometimes wired outputs in nethogs stats:
? root 192.168.1.100:42608-81.21.119.76:18725
or
? root unknown TCP
there is always 192.168.1.100 (my PC address in network) and then "random" port and destination with port, what can it be?
networking
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
closed as too broad by G-Man, Rui F Ribeiro, Thomas, Jeff Schaller, Isaac Jan 19 at 21:18
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
I have sometimes wired outputs in nethogs stats:
? root 192.168.1.100:42608-81.21.119.76:18725
or
? root unknown TCP
there is always 192.168.1.100 (my PC address in network) and then "random" port and destination with port, what can it be?
networking
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
I have sometimes wired outputs in nethogs stats:
? root 192.168.1.100:42608-81.21.119.76:18725
or
? root unknown TCP
there is always 192.168.1.100 (my PC address in network) and then "random" port and destination with port, what can it be?
networking
networking
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
asked Jan 18 at 20:50
Michał NiemieckiMichał Niemiecki
6
6
closed as too broad by G-Man, Rui F Ribeiro, Thomas, Jeff Schaller, Isaac Jan 19 at 21:18
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
closed as too broad by G-Man, Rui F Ribeiro, Thomas, Jeff Schaller, Isaac Jan 19 at 21:18
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
This is where it is going: Amsterdam, NL
NetRange: 81.0.0.0 - 81.255.255.255
CIDR: 81.0.0.0/8
NetName: 81-RIPE
NetHandle: NET-81-0-0-0-1
Parent: ()
NetType: Allocated to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate:
Updated: 2009-03-25
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
Ref: https://rdap.arin.net/registry/ip/81.0.0.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
It is likely mail-ware/spy-ware or a virus. Unless you live in or really close to Amsterdam, NL.
- On fresh installs, install and run rkhunter, chkrootkit, clamav, clamav-deamon.
- Make sure to run rkhunter before every update and propupd after.
- Make sure you use freshclam and run clamav regularly if not using the deamon.
- Linux is great, yet it is not invulnerable like some may make you believe.
- Be safe out there, the would is a rough place.
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is where it is going: Amsterdam, NL
NetRange: 81.0.0.0 - 81.255.255.255
CIDR: 81.0.0.0/8
NetName: 81-RIPE
NetHandle: NET-81-0-0-0-1
Parent: ()
NetType: Allocated to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate:
Updated: 2009-03-25
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
Ref: https://rdap.arin.net/registry/ip/81.0.0.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
It is likely mail-ware/spy-ware or a virus. Unless you live in or really close to Amsterdam, NL.
- On fresh installs, install and run rkhunter, chkrootkit, clamav, clamav-deamon.
- Make sure to run rkhunter before every update and propupd after.
- Make sure you use freshclam and run clamav regularly if not using the deamon.
- Linux is great, yet it is not invulnerable like some may make you believe.
- Be safe out there, the would is a rough place.
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
add a comment |
This is where it is going: Amsterdam, NL
NetRange: 81.0.0.0 - 81.255.255.255
CIDR: 81.0.0.0/8
NetName: 81-RIPE
NetHandle: NET-81-0-0-0-1
Parent: ()
NetType: Allocated to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate:
Updated: 2009-03-25
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
Ref: https://rdap.arin.net/registry/ip/81.0.0.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
It is likely mail-ware/spy-ware or a virus. Unless you live in or really close to Amsterdam, NL.
- On fresh installs, install and run rkhunter, chkrootkit, clamav, clamav-deamon.
- Make sure to run rkhunter before every update and propupd after.
- Make sure you use freshclam and run clamav regularly if not using the deamon.
- Linux is great, yet it is not invulnerable like some may make you believe.
- Be safe out there, the would is a rough place.
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
add a comment |
This is where it is going: Amsterdam, NL
NetRange: 81.0.0.0 - 81.255.255.255
CIDR: 81.0.0.0/8
NetName: 81-RIPE
NetHandle: NET-81-0-0-0-1
Parent: ()
NetType: Allocated to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate:
Updated: 2009-03-25
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
Ref: https://rdap.arin.net/registry/ip/81.0.0.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
It is likely mail-ware/spy-ware or a virus. Unless you live in or really close to Amsterdam, NL.
- On fresh installs, install and run rkhunter, chkrootkit, clamav, clamav-deamon.
- Make sure to run rkhunter before every update and propupd after.
- Make sure you use freshclam and run clamav regularly if not using the deamon.
- Linux is great, yet it is not invulnerable like some may make you believe.
- Be safe out there, the would is a rough place.
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
This is where it is going: Amsterdam, NL
NetRange: 81.0.0.0 - 81.255.255.255
CIDR: 81.0.0.0/8
NetName: 81-RIPE
NetHandle: NET-81-0-0-0-1
Parent: ()
NetType: Allocated to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate:
Updated: 2009-03-25
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
Ref: https://rdap.arin.net/registry/ip/81.0.0.0
ResourceLink: https://apps.db.ripe.net/search/query.html
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois://whois.ripe.net
ResourceLink: https://apps.db.ripe.net/search/query.html
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
It is likely mail-ware/spy-ware or a virus. Unless you live in or really close to Amsterdam, NL.
- On fresh installs, install and run rkhunter, chkrootkit, clamav, clamav-deamon.
- Make sure to run rkhunter before every update and propupd after.
- Make sure you use freshclam and run clamav regularly if not using the deamon.
- Linux is great, yet it is not invulnerable like some may make you believe.
- Be safe out there, the would is a rough place.
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
answered Jan 19 at 4:17
Michael ProkopecMichael Prokopec
1,216218
1,216218
add a comment |
add a comment |
