Risultato del comando lsof -i | grep smtp

**kylnas1** · 02-04-2015, 17:38

Salve a tutti,
per controllare quali servizi sul server sono sospetti, ho lanciato questo comando (trovato sul web). Questo è il risultato:

codice:

exim       2155     mail    3u  IPv6     11169      0t0  TCP *:smtp (LISTEN)
exim       2155     mail    4u  IPv4     11170      0t0  TCP *:smtp (LISTEN)
php-cgi54 20488 mecgroup    6u  IPv4 211731976      0t0  TCP ch1sat01.colt-engine.it:55472->74.125.133.27:smtp (SYN_SENT)
php-cgi54 20488 mecgroup    7u  IPv4 211731978      0t0  TCP ch1sat01.colt-engine.it:47767->mta-v5.mail.vip.bf1.yahoo.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup    8u  IPv4 211731980      0t0  TCP ch1sat01.colt-engine.it:33873->mta-v4.mail.vip.ne1.yahoo.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup    9u  IPv4 211731982      0t0  TCP ch1sat01.colt-engine.it:35186->bay0-mc5-f.bay0.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   10u  IPv4 211731984      0t0  TCP ch1sat01.colt-engine.it:48496->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   11u  IPv4 211731986      0t0  TCP ch1sat01.colt-engine.it:53774->col0-mc3-f.col0.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   12u  IPv4 211731988      0t0  TCP ch1sat01.colt-engine.it:51142->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   13u  IPv4 211731990      0t0  TCP ch1sat01.colt-engine.it:41003->bay0-mc6-f.bay0.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   14u  IPv4 211731992      0t0  TCP ch1sat01.colt-engine.it:51144->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   15u  IPv4 211731994      0t0  TCP ch1sat01.colt-engine.it:55848->mta-v1.mail.vip.ir2.yahoo.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   16u  IPv4 211731996      0t0  TCP ch1sat01.colt-engine.it:48508->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   17u  IPv4 211731998      0t0  TCP ch1sat01.colt-engine.it:55491->74.125.133.27:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   18u  IPv4 211732000      0t0  TCP ch1sat01.colt-engine.it:38023->65.54.188.126:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   19u  IPv4 211732002      0t0  TCP ch1sat01.colt-engine.it:38024->65.54.188.126:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   20u  IPv4 211732004      0t0  TCP ch1sat01.colt-engine.it:48515->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   21u  IPv4 211732006      0t0  TCP ch1sat01.colt-engine.it:40998->bay0-mc6-f.bay0.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   22u  IPv4 211732008      0t0  TCP ch1sat01.colt-engine.it:60450->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   23u  IPv4 211732010      0t0  TCP ch1sat01.colt-engine.it:45975->mta-v6.mail.vip.ne1.yahoo.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   24u  IPv4 211732012      0t0  TCP ch1sat01.colt-engine.it:48509->mx1.hotmail.com:smtp (SYN_SENT)
php-cgi54 20488 mecgroup   25u  IPv4 211732014      0t0  TCP ch1sat01.colt-engine.it:58529->65.54.188.72:smtp (SYN_SENT)

Mi sembra di capire che le linee dalla terza in poi sono qualcosa che non dovrebbe esserci. Giusto?
In questo caso come posso bloccare quei processi?

Grazie.

Discussione: Risultato del comando lsof -i | grep smtp

Strumenti discussione

Ricerca discussione

Visualizza

Risultato del comando lsof -i | grep smtp

Permessi di invio