Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 635
  • Last Modified:

netstat

When I do a netstat command I see several established
connections on my box.  I allowed a kid full access (big
mistake) so he could do a bot.  I find that as superuser and
logged in remote I cannot do a reboot.  How can I kill these
connections off ?
0
fm
Asked:
fm
1 Solution
 
elfieCommented:
Not all connections need to be remote connections.
In general killing connections, means that will need to kill some services(deamon processes).
Most of the local connections will be re-established, once the deamon process is running again.
You can check your /etc/rc files to see which services are started. You can disabled them by putting them in comment (Also verify /etc/inittab)

0
 
mohammedgCommented:
What type of Unix are you running ?
And when you say that you allowed full access, does that mean that you gave full root
permissions to that user?
0
 
JYoungmanCommented:
You can use identd (rfc 1413) queries to find out
who the processes belong to, and often what their PID is.

Alternatively you could add an entry to the routing table for the particular host to which the unwanted data is directed, to make sure it fails to get there (or use firewall output rules if your box is BSD or Linux based).


I'm very surprised that you can't do a reboot from a remote machine.  What does "shutdown" say when it refuses? You are running it as root, yes?


0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now