Cannot identify process of listening port 600/tcp6

Doug Hardie bc979 at
Mon Feb 18 09:36:45 UTC 2019

> On 17 February 2019, at 22:56, BBlister <bblister at> wrote:
> From FreeBSD Forums
>> You could make the firewall log activity on that port.
>> Also, you can use tcpdump to analyze the content of the datagrams.
>> If I recall correctly, nmap has a service discovery mode and it can try to
>> detect what exactly is listening on > the port.
> My reply:
> I have executed tcpdump for 24 hours but I couln't receive/send any packet
> destined for that port. This is a passive way of detecting what is
> happening, and involves reverse engineering, because the datagram may be
> encrypted.
> It is difficult to wait for a packet to arrive or depart on port 600 (maybe
> it is trojan waiting to be activated?). 
> I find it strange that FreeBSD does not have a tool to detect kernel
> listening sockets and the only way to detect what is happening it just by
> sniffing and trying to figure out the datagrams.
> What should I try next?

Possibly might provide some helpful information.

More information about the freebsd-questions mailing list