On Tuesday 16 February 2010 14:23:31 Kelly Dunlop wrote:
[snip]
> I'd try:
>
>     netstat -atn
>
> and check for a tcp line with port 22 (:22) in LISTEN mode eg:
>
>     tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
>
> which tells you sshd is running and listening on port 22.
>
> Then:
>
>     ps -ef | grep sshd
>
> just to check that sshd is running.
I have been trying to follow this thread, with limited success, as it is an 
area where my igonorance is both wide and deep. :-( But I hope to learn.
So I have been trying the various commands to see what I get.  arp -n just 
gave me my router from 2 computers currently active on the LAN.
The IPs of the two active computers are 192.168.0.2 and 192.168.0.3.  The 
router is 192.168.0.1.
I then tried the following (from 192.168.0.2):
Tux:/home/lisi# netstat -atn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:59782           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:1004          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:7741            0.0.0.0:*               LISTEN
tcp        0      0 192.168.0.2:43311       92.122.211.37:1935      
ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
Tux:/home/lisi# ps -ef | grep sshd
root      2341     1  0 06:38 ?        00:00:00 /usr/sbin/sshd
root     15602 15392  0 11:08 pts/1    00:00:00 grep sshd
Tux:/home/lisi#
If I have understood correctly, that is a bit worrying.  (The ESTABLISHED 
one.)  So have I understood?  I hope that I have not. ;-0.
If it _is_ ominous, I can block that IP.  But I presumably need to close some 
open ports as well?
Lisi