Cannot identify process of listening port 600/tcp6

BBlister bblister at
Mon Feb 18 06:56:40 UTC 2019

>From FreeBSD Forums

> You could make the firewall log activity on that port.
> Also, you can use tcpdump to analyze the content of the datagrams.
> If I recall correctly, nmap has a service discovery mode and it can try to
> detect what exactly is listening on > the port.

My reply:
I have executed tcpdump for 24 hours but I couln't receive/send any packet
destined for that port. This is a passive way of detecting what is
happening, and involves reverse engineering, because the datagram may be

It is difficult to wait for a packet to arrive or depart on port 600 (maybe
it is trojan waiting to be activated?). 

I find it strange that FreeBSD does not have a tool to detect kernel
listening sockets and the only way to detect what is happening it just by
sniffing and trying to figure out the datagrams.

What should I try next?

Sent from:

More information about the freebsd-questions mailing list