process will not time out?

• Previous message: Geon Reuben: "network settings at boottime"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 9 Feb 2005 16:02:16 -0600 (CST)
To: sunmanagers@sunmanagers.org

We have a Solaris 9 server that does not close its connections. When a
process finishes (scp in this case), netstat -a output shows that the
tranfer itself is in TIME_WAIT and sshd is ESTABLISHED. The sshd process
will remain ESTABLISHED. So this server right now has 28 logins:
(~) server % w | wc -l
      28

but 72 instances of the sshd daemon running:
(~) server % ps -ef | grep sshd | wc -l
      72

An example in netstat that shows what it is doing:

(~) server % scp shalmaneser.tsg.cbot.com:/etc/hosts .
(~) server % netstat -a | grep shalmaneser
server.ssh shalmaneser.tsg.cbot.com.36277 49640 47 49064 0 ESTABLISHED
server.44089 shalmaneser.tsg.cbot.com.ssh 49640 0 49112 0 TIME_WAIT
(~) server % sleep 240; netstat -a | grep shalmaneser
server.ssh shalmaneser.tsg.cbot.com.36277 49640 0 49064 0 ESTABLISHED

The Time_wait interval on this server is 60 seconds.
(~) server % ndd -get /dev/tcp tcp_time_wait_interval
60000

What am I missing? TIA, and I will summarize.

+-----------------------------------------------------------------------+
| Christopher L. Barnard O When I was a boy I was told that |
| cbarnard@tsg.cbot.com / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow |
+----------PGP public key available via finger or PGP keyserver---------+
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Previous message: Geon Reuben: "network settings at boottime"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: SubSeven alerts: Norton Firewall vs Hacks/Trojan cleaner ... Personal Web Server -- PWS), mail servers, news servers, ftp servers, IRC ... | - use netstat with appropriate options to check for listening services ... firewall which make decisions as to what to ... As for the Subseven Alerts, again, Wolfgang is largely correct; ... (comp.security.firewalls) sshd blocking ftp data port 20? ... apparently some microsoft ftp users are getting the 425 "can't create ... this client's server. ... The sshd configuration file points to port 22 as is normal. ... strange is the netstat output where there is no indication of ports 20 ... (comp.security.ssh) Re: Wnidows Server 2003 - I need help in getting the Connection Co ... command if already running. ... it fires off the netstat command for you, sending the results from that to ... SHELL EXEC FUNCTION ON SERVER 2003 - PERMISION PROBLEM!!!!! ... requires administator access we are get file permison problems - ANY ... (microsoft.public.windowsmedia.server) Re: Wnidows Server 2003 - I need help in getting the Connection Co ... exteral application in since it needs to run on Windows Server 2003. ... command if already running. ... it fires off the netstat command for you, sending the results from that to ... SHELL EXEC FUNCTION ON SERVER 2003 - PERMISION PROBLEM!!!!! ... (microsoft.public.windowsmedia.server) Re: Is this a Virus? Spammer? Emails sent to unkown address... ... Giving us more info about the netstat ... results, like the port number, would be helpful. ... netstat was done on your mail server? ... If your email server is set up for relaying, which is bad, you should ... (comp.security.firewalls)