Does “ESTABLISHED” state in netstat command for the sshd program mean they actually have access?Unrecognized SSH access on server?If I change the root password on a linux server, can someone still access root if they created an SSH authorized_key for root user?In the output for netstat what does the [::] mean?Interpreting Netstat outputHow do I configure SSHd to permit a single command, without giving full login access to the user?what does the --backup-mode option for rdiff mean?do SSH keys have to be unique to the service they are used for?What does it mean for netstat -tDoes the netstat counter wrap around? And over what period are they collected?A specified logon session does not exist. It may already have been terminated (only from SSH)(for the accounts not specified in Log On tab)

Why do even high-end cameras often still include normal (non-cross-type) AF sensors?

How dangerous are set-size assumptions?

How does DC work with natural 20?

Is it damaging to turn off a small fridge for two days every week?

Employer wants to use my work email account after I quit

NSE Numerical IQ Test no.12: 759802, 358829, 847123,?

If I wouldn't want to read the story, is writing it still a good idea?

How large would a mega structure have to be to host 1 billion people indefinitely?

Hot coffee brewing solutions for deep woods camping

Why does the Saturn V have standalone inter-stage rings?

Can White Castle?

Why did pressing the joystick button spit out keypresses?

Can someone suggest a path to study Mordell-Weil theorem for someone studying on their own?

Can any NP-Complete Problem be solved using at most polynomial space (but while using exponential time?)

What is the legal status of travelling with methadone in your carry-on?

Would it be a copyright violation if I made a character’s full name refer to a song?

What did River say when she woke from her proto-comatose state?

What's currently blocking the construction of the wall between Mexico and the US?

Appropriate way to say "see you tomorrow" when meeting online

Is "Busen" just the area between the breasts?

When to remove insignificant variables?

Should developer taking test phones home or put in office?

Impossible darts scores

Java TreeMap.floorKey() equivalent for std::map



Does “ESTABLISHED” state in netstat command for the sshd program mean they actually have access?


Unrecognized SSH access on server?If I change the root password on a linux server, can someone still access root if they created an SSH authorized_key for root user?In the output for netstat what does the [::] mean?Interpreting Netstat outputHow do I configure SSHd to permit a single command, without giving full login access to the user?what does the --backup-mode option for rdiff mean?do SSH keys have to be unique to the service they are used for?What does it mean for netstat -tDoes the netstat counter wrap around? And over what period are they collected?A specified logon session does not exist. It may already have been terminated (only from SSH)(for the accounts not specified in Log On tab)






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








0















I have this person(or bot) from an IP in Chile which has an "ESTABLISHED" connection to SSHD as root on my server.



I'm trying to understand what netstat's outputs really mean, the manual doesn't really provide much details about them. Here's what I get:



root@linode [~]# netstat -tanpc|grep 200.29.174.125
tcp 0 840 45.33.71.204:22 200.29.174.125:40506 ESTABLISHED 12016/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:40792 ESTABLISHED 12020/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41079 SYN_RECV -
tcp 0 1 45.33.71.204:22 200.29.174.125:40792 FIN_WAIT1 -
tcp 0 84 45.33.71.204:22 200.29.174.125:41079 ESTABLISHED 12022/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:41353 ESTABLISHED 12024/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41661 ESTABLISHED 12026/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:41959 ESTABLISHED 12028/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42208 ESTABLISHED 12030/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42509 ESTABLISHED 12032/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:42810 ESTABLISHED 12034/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43094 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:43094 ESTABLISHED 12036/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:43362 ESTABLISHED 12038/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43676 ESTABLISHED 12040/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:43936 ESTABLISHED 12042/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:44229 ESTABLISHED 12044/sshd
tcp 0 840 45.33.71.204:22 200.29.174.125:44566 ESTABLISHED 12047/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:44844 ESTABLISHED 12056/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:45079 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:45079 ESTABLISHED 12058/sshd


What I understand from the above output is that this person(or bot?) is changing ports every second and so a new PID for SSHD is created every time he(or it) "establishes" a connection. Am I right?



Next and more important thing I'd like to ask is does the "ESTABLISHED" state here mean that he(or it) actually has access to my server as the root user? Or if I'm right at my assumption above, does this mean he(or it) is scanning for ports in my server, still trying to get in?






ssh netstat







share|improve this question






















  • Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

    – Brian
    May 8 '15 at 20:34

















0















I have this person(or bot) from an IP in Chile which has an "ESTABLISHED" connection to SSHD as root on my server.



I'm trying to understand what netstat's outputs really mean, the manual doesn't really provide much details about them. Here's what I get:



root@linode [~]# netstat -tanpc|grep 200.29.174.125
tcp 0 840 45.33.71.204:22 200.29.174.125:40506 ESTABLISHED 12016/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:40792 ESTABLISHED 12020/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41079 SYN_RECV -
tcp 0 1 45.33.71.204:22 200.29.174.125:40792 FIN_WAIT1 -
tcp 0 84 45.33.71.204:22 200.29.174.125:41079 ESTABLISHED 12022/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:41353 ESTABLISHED 12024/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41661 ESTABLISHED 12026/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:41959 ESTABLISHED 12028/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42208 ESTABLISHED 12030/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42509 ESTABLISHED 12032/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:42810 ESTABLISHED 12034/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43094 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:43094 ESTABLISHED 12036/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:43362 ESTABLISHED 12038/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43676 ESTABLISHED 12040/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:43936 ESTABLISHED 12042/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:44229 ESTABLISHED 12044/sshd
tcp 0 840 45.33.71.204:22 200.29.174.125:44566 ESTABLISHED 12047/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:44844 ESTABLISHED 12056/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:45079 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:45079 ESTABLISHED 12058/sshd


What I understand from the above output is that this person(or bot?) is changing ports every second and so a new PID for SSHD is created every time he(or it) "establishes" a connection. Am I right?



Next and more important thing I'd like to ask is does the "ESTABLISHED" state here mean that he(or it) actually has access to my server as the root user? Or if I'm right at my assumption above, does this mean he(or it) is scanning for ports in my server, still trying to get in?






ssh netstat







share|improve this question






















  • Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

    – Brian
    May 8 '15 at 20:34













0












0








0


1






I have this person(or bot) from an IP in Chile which has an "ESTABLISHED" connection to SSHD as root on my server.



I'm trying to understand what netstat's outputs really mean, the manual doesn't really provide much details about them. Here's what I get:



root@linode [~]# netstat -tanpc|grep 200.29.174.125
tcp 0 840 45.33.71.204:22 200.29.174.125:40506 ESTABLISHED 12016/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:40792 ESTABLISHED 12020/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41079 SYN_RECV -
tcp 0 1 45.33.71.204:22 200.29.174.125:40792 FIN_WAIT1 -
tcp 0 84 45.33.71.204:22 200.29.174.125:41079 ESTABLISHED 12022/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:41353 ESTABLISHED 12024/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41661 ESTABLISHED 12026/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:41959 ESTABLISHED 12028/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42208 ESTABLISHED 12030/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42509 ESTABLISHED 12032/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:42810 ESTABLISHED 12034/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43094 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:43094 ESTABLISHED 12036/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:43362 ESTABLISHED 12038/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43676 ESTABLISHED 12040/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:43936 ESTABLISHED 12042/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:44229 ESTABLISHED 12044/sshd
tcp 0 840 45.33.71.204:22 200.29.174.125:44566 ESTABLISHED 12047/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:44844 ESTABLISHED 12056/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:45079 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:45079 ESTABLISHED 12058/sshd


What I understand from the above output is that this person(or bot?) is changing ports every second and so a new PID for SSHD is created every time he(or it) "establishes" a connection. Am I right?



Next and more important thing I'd like to ask is does the "ESTABLISHED" state here mean that he(or it) actually has access to my server as the root user? Or if I'm right at my assumption above, does this mean he(or it) is scanning for ports in my server, still trying to get in?






ssh netstat







share|improve this question














I have this person(or bot) from an IP in Chile which has an "ESTABLISHED" connection to SSHD as root on my server.



I'm trying to understand what netstat's outputs really mean, the manual doesn't really provide much details about them. Here's what I get:



root@linode [~]# netstat -tanpc|grep 200.29.174.125
tcp 0 840 45.33.71.204:22 200.29.174.125:40506 ESTABLISHED 12016/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:40792 ESTABLISHED 12020/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41079 SYN_RECV -
tcp 0 1 45.33.71.204:22 200.29.174.125:40792 FIN_WAIT1 -
tcp 0 84 45.33.71.204:22 200.29.174.125:41079 ESTABLISHED 12022/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:41353 ESTABLISHED 12024/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:41661 ESTABLISHED 12026/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:41959 ESTABLISHED 12028/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42208 ESTABLISHED 12030/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:42509 ESTABLISHED 12032/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:42810 ESTABLISHED 12034/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43094 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:43094 ESTABLISHED 12036/sshd
tcp 0 52 45.33.71.204:22 200.29.174.125:43362 ESTABLISHED 12038/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:43676 ESTABLISHED 12040/sshd
tcp 0 720 45.33.71.204:22 200.29.174.125:43936 ESTABLISHED 12042/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:44229 ESTABLISHED 12044/sshd
tcp 0 840 45.33.71.204:22 200.29.174.125:44566 ESTABLISHED 12047/sshd
tcp 0 21 45.33.71.204:22 200.29.174.125:44844 ESTABLISHED 12056/sshd
tcp 0 0 45.33.71.204:22 200.29.174.125:45079 SYN_RECV -
tcp 0 84 45.33.71.204:22 200.29.174.125:45079 ESTABLISHED 12058/sshd


What I understand from the above output is that this person(or bot?) is changing ports every second and so a new PID for SSHD is created every time he(or it) "establishes" a connection. Am I right?



Next and more important thing I'd like to ask is does the "ESTABLISHED" state here mean that he(or it) actually has access to my server as the root user? Or if I'm right at my assumption above, does this mean he(or it) is scanning for ports in my server, still trying to get in?






ssh netstat




ssh netstat






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked May 8 '15 at 20:07









Nim LeFleurNim LeFleur

1112




1112












  • Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

    – Brian
    May 8 '15 at 20:34

















  • Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

    – Brian
    May 8 '15 at 20:34
















Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

– Brian
May 8 '15 at 20:34





Most systems log authentication events. Where depends on the distribution / OS like /var/log/secure for Redhat and derivatives (Centos, Oracle Linux etc) and /var/log/auth.log for Debian and derivatives (Ubuntu etc).

– Brian
May 8 '15 at 20:34










2 Answers
2






active

oldest

votes


















8














Established only means that the connection is fully open and data can be transmitted. It doesn't necessarily mean that any data has been transmitted! It doesn't imply anything about layer 7, whether someone has authenticated to your system or not. You can check your system logs to learn if someone has authenticated successfully.






share|improve this answer























  • Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

    – Nim LeFleur
    May 8 '15 at 20:19











  • All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

    – Michael Hampton
    May 8 '15 at 20:23



















-1














Established means that the user on the other end has an open connection and so things like "shutdown -I" should work except if obviously you cannot do that anyway. I only worry about the outputs labelled Established unless the other ones are needed.






share|improve this answer

























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "2"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f690711%2fdoes-established-state-in-netstat-command-for-the-sshd-program-mean-they-actua%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    8














    Established only means that the connection is fully open and data can be transmitted. It doesn't necessarily mean that any data has been transmitted! It doesn't imply anything about layer 7, whether someone has authenticated to your system or not. You can check your system logs to learn if someone has authenticated successfully.






    share|improve this answer























    • Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

      – Nim LeFleur
      May 8 '15 at 20:19











    • All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

      – Michael Hampton
      May 8 '15 at 20:23
















    8














    Established only means that the connection is fully open and data can be transmitted. It doesn't necessarily mean that any data has been transmitted! It doesn't imply anything about layer 7, whether someone has authenticated to your system or not. You can check your system logs to learn if someone has authenticated successfully.






    share|improve this answer























    • Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

      – Nim LeFleur
      May 8 '15 at 20:19











    • All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

      – Michael Hampton
      May 8 '15 at 20:23














    8












    8








    8







    Established only means that the connection is fully open and data can be transmitted. It doesn't necessarily mean that any data has been transmitted! It doesn't imply anything about layer 7, whether someone has authenticated to your system or not. You can check your system logs to learn if someone has authenticated successfully.






    share|improve this answer













    Established only means that the connection is fully open and data can be transmitted. It doesn't necessarily mean that any data has been transmitted! It doesn't imply anything about layer 7, whether someone has authenticated to your system or not. You can check your system logs to learn if someone has authenticated successfully.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered May 8 '15 at 20:10









    Michael HamptonMichael Hampton

    180k28336666




    180k28336666












    • Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

      – Nim LeFleur
      May 8 '15 at 20:19











    • All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

      – Michael Hampton
      May 8 '15 at 20:23


















    • Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

      – Nim LeFleur
      May 8 '15 at 20:19











    • All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

      – Michael Hampton
      May 8 '15 at 20:23

















    Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

    – Nim LeFleur
    May 8 '15 at 20:19





    Thanks for clarifying that about the "established" state. That's what I'm actually worried about. I have set this server to send me an email every time a successful root login happens (I am using WHM/cPanel on this server). And it works when I login as root, I get an email. I'm not sure if it might be possible for root logins/successful authentication to happen without triggering the email notification I have set. Please excuse me, I'm relatively new to managing servers. Where do I find those system logs that you're talking about? I have CentOS 6.6 on this server, again with WHM/cPanel.

    – Nim LeFleur
    May 8 '15 at 20:19













    All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

    – Michael Hampton
    May 8 '15 at 20:23






    All the system logs are in /var/log. I don't know what cPanel does; it is not a supportable topic here. You probably want to familiarize yourself with the system documentation.

    – Michael Hampton
    May 8 '15 at 20:23














    -1














    Established means that the user on the other end has an open connection and so things like "shutdown -I" should work except if obviously you cannot do that anyway. I only worry about the outputs labelled Established unless the other ones are needed.






    share|improve this answer



























      -1














      Established means that the user on the other end has an open connection and so things like "shutdown -I" should work except if obviously you cannot do that anyway. I only worry about the outputs labelled Established unless the other ones are needed.






      share|improve this answer

























        -1












        -1








        -1







        Established means that the user on the other end has an open connection and so things like "shutdown -I" should work except if obviously you cannot do that anyway. I only worry about the outputs labelled Established unless the other ones are needed.






        share|improve this answer













        Established means that the user on the other end has an open connection and so things like "shutdown -I" should work except if obviously you cannot do that anyway. I only worry about the outputs labelled Established unless the other ones are needed.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Jun 5 at 21:04









        user526596user526596

        1




        1



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f690711%2fdoes-established-state-in-netstat-command-for-the-sshd-program-mean-they-actua%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Club Baloncesto Breogán Índice Historia | Pavillón | Nome | O Breogán na cultura popular | Xogadores | Adestradores | Presidentes | Palmarés | Historial | Líderes | Notas | Véxase tamén | Menú de navegacióncbbreogan.galCadroGuía oficial da ACB 2009-10, páxina 201Guía oficial ACB 1992, páxina 183. Editorial DB.É de 6.500 espectadores sentados axeitándose á última normativa"Estudiantes Junior, entre as mellores canteiras"o orixinalHemeroteca El Mundo Deportivo, 16 setembro de 1970, páxina 12Historia do BreogánAlfredo Pérez, o último canoneiroHistoria C.B. BreogánHemeroteca de El Mundo DeportivoJimmy Wright, norteamericano do Breogán deixará Lugo por ameazas de morteResultados de Breogán en 1986-87Resultados de Breogán en 1990-91Ficha de Velimir Perasović en acb.comResultados de Breogán en 1994-95Breogán arrasa al Barça. "El Mundo Deportivo", 27 de setembro de 1999, páxina 58CB Breogán - FC BarcelonaA FEB invita a participar nunha nova Liga EuropeaCharlie Bell na prensa estatalMáximos anotadores 2005Tempada 2005-06 : Tódolos Xogadores da Xornada""Non quero pensar nunha man negra, mais pregúntome que está a pasar""o orixinalRaúl López, orgulloso dos xogadores, presume da boa saúde económica do BreogánJulio González confirma que cesa como presidente del BreogánHomenaxe a Lisardo GómezA tempada do rexurdimento celesteEntrevista a Lisardo GómezEl COB dinamita el Pazo para forzar el quinto (69-73)Cafés Candelas, patrocinador del CB Breogán"Suso Lázare, novo presidente do Breogán"o orixinalCafés Candelas Breogán firma el mayor triunfo de la historiaEl Breogán realizará 17 homenajes por su cincuenta aniversario"O Breogán honra ao seu fundador e primeiro presidente"o orixinalMiguel Giao recibiu a homenaxe do PazoHomenaxe aos primeiros gladiadores celestesO home que nos amosa como ver o Breo co corazónTita Franco será homenaxeada polos #50anosdeBreoJulio Vila recibirá unha homenaxe in memoriam polos #50anosdeBreo"O Breogán homenaxeará aos seus aboados máis veteráns"Pechada ovación a «Capi» Sanmartín e Ricardo «Corazón de González»Homenaxe por décadas de informaciónPaco García volve ao Pazo con motivo do 50 aniversario"Resultados y clasificaciones""O Cafés Candelas Breogán, campión da Copa Princesa""O Cafés Candelas Breogán, equipo ACB"C.B. Breogán"Proxecto social"o orixinal"Centros asociados"o orixinalFicha en imdb.comMario Camus trata la recuperación del amor en 'La vieja música', su última película"Páxina web oficial""Club Baloncesto Breogán""C. B. Breogán S.A.D."eehttp://www.fegaba.com

            Image
            Barça LassaBAXI ManresaCafés Candelas BreogánDelteco GBCDivina Seguros JoventutHerbalife Gran CanariaIberostar TenerifeKirolbet BaskoniaMonbus ObradoiroMontakit FuenlabradaMoraBanc AndorraMovistar EstudiantesReal MadridSan Pablo BurgosTecnyconta ZaragozaUCAM MurciaUnicajaValencia Basket Club Baloncesto Breogán baloncestoLugoGalicia1966JuanJosé Ramón Varela Portasmáxima categoría1970competicións europeasLiga ACBPavillón MunicipalPazo dos DeportesJesús Lázareliga EBAClub Estudiantes1965Lugobaloncestosegunda divisiónJosé RamónJuan Varela-Portas y Pardo1966Celestino Fernández de la Vega196869primeira divisiónZaragozaprimeira divisiónReal MadridJoventutEstudiantes19701971máxima categoría estatal11 de outubro1970Palacio dos DeportesLugoTenerifeMadridReal MadridAlfredo PérezBreogán19711972TenerifeMadridvascocatalánAlfredo PérezespañolMadridLugoManresa La Casera19741975As...
            Read more

            Vilaño, A Laracha Índice Patrimonio | Lugares e parroquias | Véxase tamén | Menú de navegación43°14′52″N 8°36′03″O / 43.24775, -8.60070

            Image
            Parroquias da LarachaParroquias de Galicia baixo a advocación de Santiago o Maior coruñésLarachacomarca de BergantiñosIGE20131999castro de Montesclarospoboado castrexoidade de ferroromanización de Galiciamiliariopazo de Montesclarosséculo XIXAmboadeA AreosaA BarreiraBos AiresA BoticaAs Brañas da ViñaAs BrañasBusteloOs CanedosFerreirosAs FervenzasA Fonte da CanleO FormigueiroFornelosA FragaFragundeGravidoA LamelaMarfuloOs MeánsMontes ClarosA PanelaO PazoQuintánsRibelaSamiroO SeixoA TelleiraVilañoVilanovaA ViñaVista AlegreCabovilaño (San Román)Caión (Santa María do Socorro)Coiro (San Xián)Erboedo (Santa María)Golmar (San Bieito)Lemaio (Santa Mariña)Lendo (San Xián)Lestón (San Martiño)Montemaior (Santa María Madanela)Soandres (San Pedro)Soutullo (Santa María)Torás (Santa María)Vilaño (Santiago) Vilaño, A Laracha Na Galipedia, a Wi...
            Read more

            Cegueira Índice Epidemioloxía | Deficiencia visual | Tipos de cegueira | Principais causas de cegueira | Tratamento | Técnicas de adaptación e axudas | Vida dos cegos | Primeiros auxilios | Crenzas respecto das persoas cegas | Crenzas das persoas cegas | O neno deficiente visual | Aspectos psicolóxicos da cegueira | Notas | Véxase tamén | Menú de navegación54.054.154.436928256blindnessDicionario da Real Academia GalegaPortal das Palabras"International Standards: Visual Standards — Aspects and Ranges of Vision Loss with Emphasis on Population Surveys.""Visual impairment and blindness""Presentan un plan para previr a cegueira"o orixinalACCDV Associació Catalana de Cecs i Disminuïts Visuals - PMFTrachoma"Effect of gene therapy on visual function in Leber's congenital amaurosis"1844137110.1056/NEJMoa0802268Cans guía - os mellores amigos dos cegosArquivadoEscola de cans guía para cegos en Mortágua, PortugalArquivado"Tecnología para ciegos y deficientes visuales. Recopilación de recursos gratuitos en la Red""Colorino""‘COL.diesis’, escuchar los sonidos del color""COL.diesis: Transforming Colour into Melody and Implementing the Result in a Colour Sensor Device"o orixinal"Sistema de desarrollo de sinestesia color-sonido para invidentes utilizando un protocolo de audio""Enseñanza táctil - geometría y color. Juegos didácticos para niños ciegos y videntes""Sistema Constanz"L'ocupació laboral dels cecs a l'Estat espanyol està pràcticament equiparada a la de les persones amb visió, entrevista amb Pedro ZuritaONCE (Organización Nacional de Cegos de España)Prevención da cegueiraDescrición de deficiencias visuais (Disc@pnet)Braillín, un boneco atractivo para calquera neno, con ou sen discapacidade, que permite familiarizarse co sistema de escritura e lectura brailleAxudas Técnicas36838ID00897494007150-90057129528256DOID:1432HP:0000618D001766C10.597.751.941.162C97109C0155020

            Image
            OftalmoloxíaDiscapacidade sentidovistaNorteaméricaEuropaollopaíses en vías de desenvolvementopaíses desenvolvidos2014Organización Mundial da SaúdeGaliciaretinopatía diabéticaglaucomaresto visualagudeza visualcampo visualterapia xénicaretinavirus do arrefriado comúncanadestradoséculo XIXLouis Brailleteclado brailleescáneresrecoñecemento óptico de caractereslectores de pantallacorsinestesiafrauta doceamareloclarineteazultamboresvermellopianoverdeSistema Constanzsemáforocans guíaBrailletactosoftwaretactoeuroAvuiséculo XXUnión SoviéticaFranciaItaliaInglaterraNataciónatletismociclismojudoesquífútbol salamontañismoxadrezgoalballsociedademúsicosindixentesprofetassabiosoídotactomúsicarisatactooídolinguaxePiaget (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u0...
            Read more