Originally Posted by
dunbrokin
These are the netstat results from both of my machines.
Since you are concerned that someone *might* have infiltrated your box, then netstat might not be reliable (because an attacker could have installed a rootkit). A better way than using netstat is to port scan yourself with nmap.
Code:
sudo apt-get install nmap
First, close your browser and other things that you know are connecting to the Internet.
Then to do a scan, do:
Code:
sudo nmap -sT -v -p- localhost
The output will show all listening ports and what services are listening on each open port. If for some reason, it doesn't list the service, then you can use lsof.
Code:
sudo lsof -i | grep <port number>
Where "port number" is the number of the port.
NOTE: if you are behind a router, don't scan the router. Only scan locally, or else it will take several hours. You can also try scanning both machines.