netstat - please help me understand log
Hi,
I'm wondering what my netstat tells you?
In particular - this is what I do not recognize:
478b510 stream 0 0 5d51d7c 0 0 0 /tmp/launch-1trY3d/org.x:0
478c710 stream 0 0 5d51ea4 0 0 0 /tmp/launch-0He3vA/Listeners
478bfc0 stream 0 0 5d22000 0 0 0 /tmp/launch-PiArJ9/Render
478bf30 stream 0 0 59f1f9c 0 0 0 /tmp/launchd-99.Fy3Ny4/sock
4be4640 stream 0 0 0 4be4370 0 0 /var/run/mDNSResponder
Additionally, Looking up host names - there are alot of DATA / in the cloud type connections that I do not recognize...
Today my computer has been very slow and the fan has gone on.
I'm on a hidden Wifi connection, WPA2. Mac osx10.6.8
Are these hostnames suspect of a hacker?
How do I block these connections? Will using Little snitch suffice?
The ports that the connections are on are in the 6000 range - is this a bad sign?
Softlayer? comes up
| : | 173.192.76.134-static.reverse.softlayer.com | |
www.markmonitor.com ? comes up
linked in comes up but I'm not connected to that website
Amazon Technologies Inc.?
Google - which is ok and a correct connection - I'm on google pages
MarkMonitor Domain Management ?
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 192.168.1.100.60616 173.192.76.134.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60615 173.192.76.134.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60614 173.192.76.134.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60608 74.125.224.100.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60604 216.52.242.80.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60574 23.32.22.239.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60541 74.125.224.43.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60539 54.243.175.214.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60538 74.125.224.65.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60534 74.125.224.157.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60532 74.125.224.122.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60531 74.125.224.43.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60530 74.125.224.86.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60516 184.31.31.144.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60515 74.125.224.35.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60512 184.31.31.144.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60470 74.125.224.131.80 ESTABLISHED
tcp4 0 0 192.168.1.100.60435 74.125.224.43.443 ESTABLISHED
tcp4 0 0 192.168.1.100.60433 173.194.79.99.443 ESTABLISHED
tcp4 0 0 127.0.0.1.631 *.* LISTEN
tcp6 0 0 ::1.631 *.* LISTEN
tcp4 0 0 192.168.1.100.60536 173.194.37.79.443 TIME_WAIT
tcp4 0 0 192.168.1.100.60489 23.61.194.168.80 TIME_WAIT
tcp4 0 0 192.168.1.100.60502 23.61.195.137.80 TIME_WAIT
tcp4 0 0 192.168.1.100.60491 23.61.194.218.80 TIME_WAIT
tcp4 0 0 192.168.1.100.60507 23.61.195.137.80 TIME_WAIT
udp6 0 0 *.50769 *.*
udp4 0 0 *.50769 *.*
udp6 0 0 *.57063 *.*
udp4 0 0 *.57063 *.*
udp6 0 0 *.54314 *.*
udp4 0 0 *.54314 *.*
udp6 0 0 *.51052 *.*
udp4 0 0 *.51052 *.*
udp6 0 0 *.58868 *.*
udp4 0 0 *.58868 *.*
udp6 0 0 *.63621 *.*
udp4 0 0 *.63621 *.*
udp4 0 0 192.168.1.100.123 *.*
udp6 0 0 fe80::217:f2ff:f.123 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 127.0.0.1.123 *.*
udp6 0 0 fe80::1%lo0.123 *.*
udp6 0 0 ::1.123 *.*
udp6 0 0 *.123 *.*
udp4 0 0 *.123 *.*
udp4 0 0 *.* *.*
udp6 0 0 *.5353 *.*
udp4 0 0 *.5353 *.*
udp4 0 0 *.* *.*
icm6 0 0 *.* *.*
Active LOCAL (UNIX) domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
714d7f0 stream 0 0 0 714de20 0 0
714de20 stream 0 0 0 714d7f0 0 0
4be2f30 stream 0 0 0 4be2480 0 0
4be2480 stream 0 0 0 4be2f30 0 0
4be3680 stream 0 0 0 714d490 0 0
714d490 stream 0 0 0 4be3680 0 0
4be2cf0 stream 0 0 0 478cb00 0 0
478cb00 stream 0 0 0 4be2cf0 0 0
4be2a20 stream 0 0 0 4be3cb0 0 0
4be3cb0 stream 0 0 0 4be2a20 0 0
714c7a0 stream 0 0 0 4be3200 0 0
4be3200 stream 0 0 0 714c7a0 0 0
4be21b0 stream 0 0 0 4be23f0 0 0
4be23f0 stream 0 0 0 4be21b0 0 0
4be4a30 stream 0 0 0 4be2090 0 0
4be2090 stream 0 0 0 4be4a30 0 0
714d910 stream 0 0 0 4be34d0 0 0
4be34d0 stream 0 0 0 714d910 0 0
4be2240 stream 0 0 0 714da30 0 0
714da30 stream 0 0 0 4be2240 0 0
714c560 stream 0 0 0 714dac0 0 0
714dac0 stream 0 0 0 714c560 0 0
4be25a0 stream 0 0 0 714c440 0 0 /var/run/mDNSResponder
714c440 stream 0 0 0 4be25a0 0 0
478c9e0 stream 0 0 0 478bea0 0 0 /var/run/mDNSResponder
478bea0 stream 0 0 0 478c9e0 0 0
4be3a70 stream 0 0 0 4be3950 0 0 /var/run/usbmuxd
4be3950 stream 0 0 0 4be3a70 0 0
4be3830 stream 0 0 0 4be39e0 0 0 /var/run/mDNSResponder
4be39e0 stream 0 0 0 4be3830 0 0
478c7a0 stream 0 0 5f34f9c 0 0 0 /tmp/icssuis502
478c560 stream 0 0 0 478c440 0 0
478c440 stream 0 0 0 478c560 0 0
478bb40 stream 0 0 0 478b000 0 0 /var/run/mDNSResponder
478b000 stream 0 0 0 478bb40 0 0
478b900 stream 0 0 0 478b5a0 0 0 /var/run/mDNSResponder
478b5a0 stream 0 0 0 478b900 0 0
4be46d0 stream 0 0 0 478b360 0 0
478b360 stream 0 0 0 4be46d0 0 0
4be47f0 stream 0 0 0 478b750 0 0
478b750 stream 0 0 0 4be47f0 0 0
478bab0 stream 0 0 0 4be49a0 0 0
4be49a0 stream 0 0 0 478bab0 0 0
478b510 stream 0 0 5d51d7c 0 0 0 /tmp/launch-1trY3d/org.x:0 ----------???? what are these ones here???
478c710 stream 0 0 5d51ea4 0 0 0 /tmp/launch-0He3vA/Listeners
478bfc0 stream 0 0 5d22000 0 0 0 /tmp/launch-PiArJ9/Render
478bf30 stream 0 0 59f1f9c 0 0 0 /tmp/launchd-99.Fy3Ny4/sock
4be4640 stream 0 0 0 4be4370 0 0 /var/run/mDNSResponder
4be4370 stream 0 0 0 4be4640 0 0
4be4eb0 stream 0 0 0 4be4b50 0 0 /var/run/mDNSResponder
4be4b50 stream 0 0 0 4be4eb0 0 0
4be4910 stream 0 0 0 4be4490 0 0
4be4490 stream 0 0 0 4be4910 0 0
478b2d0 stream 0 0 0 4be45b0 0 0
4be45b0 stream 0 0 0 478b2d0 0 0
478c3b0 stream 0 0 0 478bcf0 0 0
478bcf0 stream 0 0 0 478c3b0 0 0
478ca70 stream 0 0 0 4be4ac0 0 0 /var/run/mDNSResponder
4be4ac0 stream 0 0 0 478ca70 0 0
4be4f40 stream 0 0 0 478b090 0 0
478b090 stream 0 0 0 4be4f40 0 0
478c050 stream 0 0 0 4be41c0 0 0
4be41c0 stream 0 0 0 478c050 0 0
478cd40 stream 0 0 0 478b870 0 0
478b870 stream 0 0 0 478cd40 0 0
478be10 stream 0 0 4d11564 0 0 0 /var/run/pppconfd
478b1b0 stream 0 0 0 478b240 0 0
478b240 stream 0 0 0 478b1b0 0 0
478b3f0 stream 0 0 0 478b480 0 0
478b480 stream 0 0 0 478b3f0 0 0
478b990 stream 0 0 0 478ba20 0 0
478ba20 stream 0 0 0 478b990 0 0
478bbd0 stream 0 0 0 478bc60 0 0
478bc60 stream 0 0 0 478bbd0 0 0
478c170 stream 0 0 0 478c200 0 0
478c200 stream 0 0 0 478c170 0 0
478c5f0 stream 0 0 0 478c680 0 0
478c680 stream 0 0 0 478c5f0 0 0
478ccb0 stream 0 0 0 478cdd0 0 0
478cdd0 stream 0 0 0 478ccb0 0 0
478ce60 stream 0 0 0 478cef0 0 0
478cef0 stream 0 0 0 478ce60 0 0
478d010 stream 0 0 0 478cf80 0 0 /var/tmp/launchd/sock
478cf80 stream 0 0 0 478d010 0 0
478d0a0 stream 0 0 0 478d130 0 0
478d130 stream 0 0 0 478d0a0 0 0
478d250 stream 0 0 0 478d1c0 0 0 /var/tmp/launchd/sock
478d1c0 stream 0 0 0 478d250 0 0
478d370 stream 0 0 0 478d2e0 0 0
478d2e0 stream 0 0 0 478d370 0 0
478d490 stream 0 0 0 478d400 0 0
478d400 stream 0 0 0 478d490 0 0
478d5b0 stream 0 0 0 478d520 0 0
478d520 stream 0 0 0 478d5b0 0 0
478d6d0 stream 0 0 0 478d640 0 0
478d640 stream 0 0 0 478d6d0 0 0
478d760 stream 0 0 0 478d7f0 0 0
478d7f0 stream 0 0 0 478d760 0 0
478d9a0 stream 0 0 49d240c 0 0 0 /var/tmp/launchd/sock
478da30 stream 0 0 49d2534 0 0 0 /private/var/run/cupsd
478dac0 stream 0 0 49d26f0 0 0 0 /var/run/usbmuxd
478dbe0 stream 0 0 49d2818 0 0 0 /var/run/asl_input
478dc70 stream 0 0 49d28ac 0 0 0 /var/run/SCHelper
478dd00 stream 0 0 49d2940 0 0 0 /var/run/vpncontrol.sock
478dd90 stream 0 0 49d29d4 0 0 0 /private/var/run/printtool
478de20 stream 0 0 49d2a68 0 0 0 /var/run/portmap.socket
478df40 stream 0 0 49d2afc 0 0 0 /var/run/mDNSResponder
478deb0 stream 0 0 49d2b90 0 0 0 /var/run/com.apple.ActivityMonitor.socket
714df40 dgram 0 0 0 714dd00 0 0
714dd00 dgram 0 0 67f0818 0 714df40 0 /var/folders/AC/ACDlP9GUE14Fte-Uz2hupE+++TM/-Tmp- ???????? /com.apple.notify.2319.7
478c4d0 dgram 0 0 0 478bd80 478bd80 0
478bd80 dgram 0 0 0 478c4d0 478c4d0 0
4be3dd0 dgram 0 0 0 4be3ef0 4be3ef0 0
4be3ef0 dgram 0 0 0 4be3dd0 4be3dd0 0
4be38c0 dgram 0 0 0 4be3710 4be3710 0
4be3710 dgram 0 0 0 4be38c0 4be38c0 0
478c320 dgram 0 0 0 478c0e0 478c0e0 0
478c0e0 dgram 0 0 0 478c320 478c320 0
478b120 dgram 0 0 0 4be4d90 4be4d90 0
4be4d90 dgram 0 0 0 478b120 478b120 0
478c950 dgram 0 0 0 4be4d00 4be4d00 0
4be4d00 dgram 0 0 0 478c950 478c950 0
478c290 dgram 0 0 0 4be4400 4be4400 0
4be4400 dgram 0 0 0 478c290 478c290 0
4be40a0 dgram 0 0 0 478b630 478b630 0
478b630 dgram 0 0 0 4be40a0 4be40a0 0
478cc20 dgram 0 0 0 478cb90 478cb90 0
478cb90 dgram 0 0 0 478cc20 478cc20 0
478db50 dgram 0 0 49d2784 0 0 0 /var/run/syslog
I got this after running software updates on my mac. I searched "sudo"in console and this is what came up:
| 1/29/13 7:59:15 PM | sudo[12319] | root : TTY=unknown ; PWD=/private/tmp/PKInstallSandbox.XzQwou/Scripts/com.apple.pkg.MobileDevice.gRh s6u ; USER=root ; COMMAND=/bin/launchctl unload //System/Library/LaunchDaemons/com.apple.usbmuxd.plist |
| 1/29/13 8:01:46 PM | sudo[12424] | root : com.apple.system.syslog.12424 |
| 1/29/13 8:01:46 PM | sudo[12425] | root : com.apple.system.syslog.12425 |
| 1/29/13 8:01:55 PM | sudo[12502] | root : TTY=unknown ; PWD=/private/tmp/PKInstallSandbox.XzQwou/Scripts/com.apple.pkg.MobileDevice.gRh s6u ; USER=root ; COMMAND=/bin/launchctl load -w //System/Library/LaunchDaemons/com.apple.usbmuxd.plist |
| 1/29/13 8:01:55 PM | sudo[12504] | root : TTY=unknown ; PWD=/private/tmp/PKInstallSandbox.XzQwou/Scripts/com.apple.pkg.MobileDevice.gRh s6u ; USER=root ; COMMAND=/bin/launchctl start com.apple.usbmuxd |
| 1/29/13 8:01:55 PM | sudo[12506] | root : com.apple.system.syslog.12506 |
| 1/29/13 8:01:55 PM | sudo[12507] | root : com.apple.system.syslog.12507 |
Thanks for any help - sorry I know there is alot here to look at
Thanks again!
MacBook, Mac OS X (10.4.11)