#nmap fobos.net.nt
Starting Nmap 5.00 ( http://nmap.org ) at 2013-06-11 10:36 EEST Interesting ports on fobos.net.nt (192.168.13.253): Not shown: 988 closed ports PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http 111/tcp open rpcbind 139/tcp open netbios-ssn 445/tcp open microsoft-ds 5900/tcp open vnc 5901/tcp open vnc-1 5902/tcp open vnc-2 5903/tcp open vnc-3 5904/tcp open unknown 8080/tcp open http-proxy MAC Address: 00:07:E9:0C:45:0C (Intel) Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds |
|
#nmap 10.1.64.155
Starting Nmap 5.00 ( http://nmap.org ) at 2013-06-11 10:37 EEST Interesting ports on 10.1.64.155: Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 1723/tcp open pptp 2000/tcp open callbook 5060/tcp open sip Nmap done: 1 IP address (1 host up) scanned in 0.16 seconds |
|
#nmap ya.ru
Starting Nmap 5.00 ( http://nmap.org ) at 2013-06-11 10:37 EEST Warning: Hostname ya.ru resolves to 8 IPs. Using 87.250.251.3. |
|
#netstat
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 debian3.net.nt:ssh net.nt:42719 ESTABLISHED tcp 0 0 debian3.net.nt:35161 xgu.ru:18030 TIME_WAIT tcp 0 176 debian3.net.nt:ssh 192.168.17.104:3542 ESTABLISHED tcp 0 176 debian3.net.nt:ssh 192.168.17.102:3321 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 6 [ ] DGRAM 3617 /dev/log unix 2 [ ] DGRAM 2347 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 191717 unix 2 [ ] DGRAM 182714 unix 2 [ ] DGRAM 8426 unix 2 [ ] DGRAM 3644 unix 3 [ ] DGRAM 2352 unix 3 [ ] DGRAM 2351 |
|
#netstat -n
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 192.168.13.3:22 192.168.13.253:42719 ESTABLISHED tcp 0 0 192.168.13.3:35162 178.63.229.230:18030 TIME_WAIT tcp 0 176 192.168.13.3:22 192.168.17.104:3542 ESTABLISHED tcp 0 176 192.168.13.3:22 192.168.17.102:3321 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 6 [ ] DGRAM 3617 /dev/log unix 2 [ ] DGRAM 2347 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 191717 unix 2 [ ] DGRAM 182714 unix 2 [ ] DGRAM 8426 unix 2 [ ] DGRAM 3644 unix 3 [ ] DGRAM 2352 unix 3 [ ] DGRAM 2351 |
|
#netstat -nl
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN udp 0 0 0.0.0.0:111 0.0.0.0:* Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 3647 /var/run/acpid.socket |
|
#netstat -nlp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 635/portmap tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2362/sshd tcp6 0 0 :::22 :::* LISTEN 2362/sshd udp 0 0 0.0.0.0:111 0.0.0.0:* 635/portmap Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 3647 849/acpid /var/run/acpid.socket |
|
#netstat -nlp -inet
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32191 errors:0 dropped:0 overruns:0 frame:0
TX packets:108443 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2527700 (2.4 MiB) TX bytes:115452733 (110.1 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#netstat -nlp -A -inet
Unknown address family `-inet'. |
|
#netstat -nlp ]-inet
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 635/portmap tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2362/sshd tcp6 0 0 :::22 :::* LISTEN 2362/sshd udp 0 0 0.0.0.0:111 0.0.0.0:* 635/portmap Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 3647 849/acpid /var/run/acpid.socket |
|
#netstat -nlp -inet
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32473 errors:0 dropped:0 overruns:0 frame:0
TX packets:108713 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2544519 (2.4 MiB) TX bytes:115490456 (110.1 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#netstat -inet
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32615 errors:0 dropped:0 overruns:0 frame:0
TX packets:108849 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2552954 (2.4 MiB) TX bytes:115511151 (110.1 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#netstat -inet6
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32701 errors:0 dropped:0 overruns:0 frame:0
TX packets:108951 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2557570 (2.4 MiB) TX bytes:115524987 (110.1 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#netstat -inet
Kernel Interface table
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32788 errors:0 dropped:0 overruns:0 frame:0
TX packets:109053 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2562238 (2.4 MiB) TX bytes:115538823 (110.1 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#netstat -nlp -A inet
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 635/portmap tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2362/sshd udp 0 0 0.0.0.0:111 0.0.0.0:* 635/portmap |
|
#netstat -nlp -A inet6
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp6 0 0 :::22 :::* LISTEN 2362/sshd |
|
#ssh
ssh ssh-agent ssh-copy-id ssh-keygen ssh-vulnkey ssh-add ssh-argv0 sshd ssh-keyscan |
|
#man ssh
|
|
#ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.3 Bcast:192.168.13.255 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:33255 errors:0 dropped:0 overruns:0 frame:0
TX packets:109548 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2591446 (2.4 MiB) TX bytes:115626163 (110.2 MiB)
Interrupt:72
eth0:1 Link encap:Ethernet HWaddr 00:16:3e:00:00:03
inet addr:192.168.13.252 Bcast:192.168.13.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:72
|
|
#ssh -6 root@fe80::216:3eff:fe00:2
ssh: connect to host fe80::216:3eff:fe00:2 port 22: Invalid argument |
|
#ssh -6 fe80::216:3eff:fe00:2
ssh: connect to host fe80::216:3eff:fe00:2 port 22: Invalid argument |
|
#netstat -t
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 352 debian3.net.nt:ssh fobos.net.nt:42719 ESTABLISHED tcp 0 0 debian3.net.nt:58035 xgu.ru:18030 TIME_WAIT tcp 0 0 debian3.net.nt:58034 xgu.ru:18030 TIME_WAIT tcp 0 352 debian3.net.nt:ssh 192.168.17.104:3542 ESTABLISHED tcp 0 352 debian3.net.nt:ssh 192.168.17.102:3321 ESTABLISHED |
|
#netstat -u
Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State |
|
#netstat -s -t
IcmpMsg:
InType0: 981
InType3: 24
InType8: 101
InType11: 192
InType14: 1
OutType0: 18
OutType8: 2736
OutType69: 4
Tcp:
...
TCPSackShiftFallback: 2
IpExt:
InMcastPkts: 505
InBcastPkts: 259
OutBcastPkts: 83
InOctets: 2606473
OutOctets: 112750636
InMcastOctets: 16160
InBcastOctets: 48772
OutBcastOctets: 6972
|
|
#netstat -s -t|less
|
|
#netstat -t|less
|
|
#netstat -w|less
|
|
#tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 10:44:41.761973 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 479319390:479319502, ack 3151115020, win 613, options [nop,nop,TS val 15884643 ecr 9460362], length 112 10:44:41.762048 IP debian3.net.nt.ssh > fobos.net.nt.42719: Flags [P.], seq 285841467:285841579, ack 1250665337, win 861, options [nop,nop,TS val 15884643 ecr 324125690], length 112 10:44:41.762093 IP debian3.net.nt.ssh > 192.168.17.104.3542: Flags [P.], seq 3898102886:3898102998, ack 3631404918, win 613, options [nop,nop,TS val 15884643 ecr 9458081], length 112 10:44:41.762261 IP fobos.net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 112, win 501, options [nop,nop,TS val 324125733 ecr 15884643], length 0 10:44:41.762506 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 112:160, ack 1, win 613, options [nop,nop,TS val 15884644 ecr 9460362], length 48 10:44:41.762544 IP debian3.net.nt.ssh > fobos.net.nt.42719: Flags [P.], seq 112:160, ack 1, win 861, options [nop,nop,TS val 15884644 ecr 324125733], length 48 10:44:41.762577 IP debian3.net.nt.ssh > 192.168.17.104.3542: Flags [P.], seq 112:160, ack 1, win 613, options [nop,nop,TS val 15884644 ecr 9458081], length 48 10:44:41.762697 IP 192.168.17.102.3321 > debian3.net.nt.ssh: Flags [.], ack 112, win 61480, options [nop,nop,TS val 9460367 ecr 15884643], length 0 ... 
10:44:47.623208 IP debian3.net.nt.ssh > 192.168.17.104.3542: Flags [P.], seq 2311360:2311664, ack 3313, win 613, options [nop,nop,TS val 15886109 ecr 9458671], length 304 10:44:47.623315 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 3074944:3075056, ack 2209, win 613, options [nop,nop,TS val 15886109 ecr 9460953], length 112 10:44:47.623394 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 3075056:3075104, ack 2209, win 613, options [nop,nop,TS val 15886109 ecr 9460953], length 48 10:44:47.623471 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 3075104:3075312, ack 2209, win 613, options [nop,nop,TS val 15886109 ecr 9460953], length 208 10:44:47.623545 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 3075312:3075360, ack 2209, win 613, options [nop,nop,TS val 15886109 ecr 9460953], length 48 10:44:47.623619 IP debian3.net.nt.ssh > 192.168.17.102.3321: Flags [P.], seq 3075360:3075408, ack 2209, win 613, options [nop,nop,TS val 15886109 ecr 9460953], length 48 10:44:47.623704 IP debian3.net.nt.ssh > fobos.net.nt.42719: Flags [P.], seq 2311664:2311968, ack 1873, win 861, options [nop,nop,TS val 15886109 ecr 324131586], length 304^C 12330 packets captured 37301 packets received by filter 24940 packets dropped by kernel |
|
#tcpdump src 192.168.13.253
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 10:45:12.081365 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 288253723, win 7676, options [nop,nop,TS val 324156052 ecr 15892223], length 0 10:45:12.081638 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 49, win 7676, options [nop,nop,TS val 324156053 ecr 15892223], length 0 10:45:12.081860 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 161, win 7676, options [nop,nop,TS val 324156053 ecr 15892223], length 0 10:45:12.082103 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 209, win 7676, options [nop,nop,TS val 324156053 ecr 15892223], length 0 10:45:12.083256 IP net.nt.domain > debian3.net.nt.45705: 65418* 2/1/2 PTR net.nt., PTR fobos.net.nt. (131) 10:45:12.083866 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 401, win 7676, options [nop,nop,TS val 324156055 ecr 15892224], length 0 10:45:12.084050 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 449, win 7676, options [nop,nop,TS val 324156055 ecr 15892224], length 0 10:45:12.084353 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 625, win 7676, options [nop,nop,TS val 324156055 ecr 15892224], length 0 ... 
10:45:21.162739 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 2252657, win 7676, options [nop,nop,TS val 324165134 ecr 15894494], length 0 10:45:21.163248 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 2252849, win 7676, options [nop,nop,TS val 324165134 ecr 15894494], length 0 10:45:21.163778 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 2253041, win 7676, options [nop,nop,TS val 324165135 ecr 15894494], length 0 10:45:21.164333 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 2253233, win 7676, options [nop,nop,TS val 324165135 ecr 15894494], length 0 10:45:21.164963 IP net.nt.42719 > debian3.net.nt.ssh: Flags [.], ack 2253425, win 7676, options [nop,nop,TS val 324165136 ecr 15894494], length 0 10:45:21.165435 IP net.nt.42719 > debian3.net.nt.ssh: Flags [P.], seq 1632:1680, ack 2253425, win 7676, options [nop,nop,TS val 324165137 ecr 15894494], length 48 ^C 11740 packets captured 11740 packets received by filter 0 packets dropped by kernel |
|
#tcpdump dst 192.168.16.13.2
tcpdump: unknown host '192.168.16.13.2' |
|
#tcpdump dst 192.168.13.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel |
|
#tcpdump dst 192.168.13.2 -vv
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes ^C 0 packets captured 0 packets received by filter 0 packets dropped by kernel |
|
#tcpdump dst 192.168.13.2 -vv
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 10:46:07.965541 ARP, Ethernet (len 6), IPv4 (len 4), Reply debian3.net.nt is-at 00:16:3e:00:00:03 (oui Unknown), length 28 ^C 1 packets captured 1 packets received by filter 0 packets dropped by kernel |
|
#iptraf
This program requires a screen size of at least 80 columns by 24 lines Please resize your window |
|
#man trafshow
|
|
#vim /etc/in
|
|
#vim /etc/in
|
|
#vim /etc/in
|
|
#vim /etc/in
|
|
#vim /etc/inetd.conf
|
|
#locate telnetd
/usr/sbin/in.telnetd /usr/share/doc/telnetd /usr/share/doc/telnetd/BUGS /usr/share/doc/telnetd/README.gz /usr/share/doc/telnetd/changelog.Debian.gz /usr/share/doc/telnetd/changelog.gz /usr/share/doc/telnetd/copyright /usr/share/man/man8/in.telnetd.8.gz /usr/share/man/man8/telnetd.8.gz /var/cache/apt/archives/telnetd_0.17-36_i386.deb /var/lib/dpkg/info/telnetd.list /var/lib/dpkg/info/telnetd.md5sums /var/lib/dpkg/info/telnetd.postinst /var/lib/dpkg/info/telnetd.postrm /var/lib/dpkg/info/telnetd.preinst /var/lib/dpkg/info/telnetd.prerm |
|
#vim /etc/inetd.conf
--- /tmp/l3-saved-27042.22861.3827 2013-06-11 11:34:24.000000000 +0300 +++ /etc/inetd.conf 2013-06-11 11:36:02.000000000 +0300 @@ -19,6 +19,8 @@ #daytime stream tcp nowait root internal #time stream tcp nowait root internal +telnetd stream tcp nowait root /usr/sbin/in.telnetd + #:STANDARD: These are standard services. #telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd |
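Review bot: The added entry uses `telnetd` as the service name in its first field, but inetd looks that field up in /etc/services, where the service is normally called `telnet`; this would explain why the `netstat -nlp` taken right after the restart shows no listener on port 23 (inferred, since /etc/services is not shown). Unlike the stock commented entry below it, the new line also runs `in.telnetd` as `root` and drops the `/usr/sbin/tcpd` wrapper, so hosts.allow/hosts.deny filtering no longer applies and credentials cross the network in cleartext. If telnet is needed for the exercise, prefer the stock form `telnet stream tcp nowait telnetd /usr/sbin/tcpd /usr/sbin/in.telnetd` with a restrictive hosts.allow, and comment it out again afterwards, since sshd is already listening on this host.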
|
#/etc/init.d/openbsd-inetd restart
Restarting internet superserver: inetd. |
|
#netstat -nlp
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 635/portmap tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2362/sshd tcp6 0 0 :::22 :::* LISTEN 2362/sshd udp 0 0 0.0.0.0:111 0.0.0.0:* 635/portmap Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 3647 849/acpid /var/run/acpid.socket |
|
#/etc/init.d/openbsd-inetd restart
Restarting internet superserver: inetd. |
|
#telnet stream tcp nowait root /usr/sbin/in.telnetd
root 15106 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15291 0.0 0.1 2128 932 ? Ss 11:37 0:00 in.telnetd: fobos.net.nt root 15306 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15423 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15441 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15468 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15495 0.0 0.1 5076 736 pts/2 S+ 11:37 0:00 grep telnet |
|
#ps aux|grep telnet
root 15516 0.0 0.1 5076 740 pts/2 S+ 11:37 0:00 |