netstat -tap
Code:
root@serv14:/etc/dovecot# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:ssh *:* LISTEN 924/sshd
tcp 0 0 localhost.localdom:9030 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 localhost.localdom:9000 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 localhost.localdo:10024 *:* LISTEN 1240/amavisd (maste
tcp 0 0 localhost.localdo:10025 *:* LISTEN 3091/master
tcp 0 0 *:mysql *:* LISTEN 4257/mysqld
tcp 0 0 *:submission *:* LISTEN 3091/master
tcp 0 0 *:pop3 *:* LISTEN 1133/dovecot
tcp 0 0 *:imap2 *:* LISTEN 1133/dovecot
tcp 0 0 *:http *:* LISTEN 2798/nginx
tcp 0 0 *:http-alt *:* LISTEN 2798/nginx
tcp 0 0 *:81 *:* LISTEN 3335/apache2
tcp 0 0 *:tproxy *:* LISTEN 2798/nginx
tcp 0 0 *:8082 *:* LISTEN 2798/nginx
tcp 0 0 localhost.localdom:9011 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 *:8083 *:* LISTEN 2798/nginx
tcp 0 0 *:ftp *:* LISTEN 3113/pure-ftpd (SER
tcp 0 0 localhost.localdom:9013 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 scesgo.com.br:domain *:* LISTEN 1120/named
tcp 0 0 dns25513.dizinc.:domain *:* LISTEN 1120/named
tcp 0 0 dns25514.dizinc.:domain *:* LISTEN 1120/named
tcp 0 0 serv14.vecks.com:domain *:* LISTEN 1120/named
tcp 0 0 localhost.locald:domain *:* LISTEN 1120/named
tcp 0 0 localhost.localdom:9015 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 localhost.lo:postgresql *:* LISTEN 1265/postgres
tcp 0 0 *:smtp *:* LISTEN 3091/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 1120/named
tcp 0 0 scesgo.com.br:https *:* LISTEN 2798/nginx
tcp 0 0 localhost.localdom:2812 *:* LISTEN 3429/monit
tcp 0 0 localhost.localdom:9021 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 *:6081 *:* LISTEN 3165/varnishd
tcp 0 0 *:41121 *:* LISTEN 3136/perl
tcp 0 0 *:imaps *:* LISTEN 1133/dovecot
tcp 0 0 localhost.localdom:6082 *:* LISTEN 3164/varnishd
tcp 0 0 localhost.localdom:9026 *:* LISTEN 2944/php-fpm.conf)
tcp 0 0 *:pop3s *:* LISTEN 1133/dovecot
]tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50592 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:mysql localhost.localdo:60604 ESTABLISHED 4257/mysqld
tcp 0 0 scesgo.com.br:http 187.113.38.202.st:37497 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:mysql localhost.localdo:60600 ESTABLISHED 4257/mysqld
tcp 0 385476 scesgo.com.br:http 189-72-210-28.gna:49569 ESTABLISHED 2803/nginx: worker
tcp 0 114372 scesgo.com.br:http 189-74-52-71.gnal:61290 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50582 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:60604 localhost.localdo:mysql ESTABLISHED 5242/smtpd
tcp 0 43645 scesgo.com.br:http 189-74-52-71.gnal:61293 ESTABLISHED 2800/nginx: worker
tcp 0 119520 scesgo.com.br:http 187.115.67.17.sta:58437 ESTABLISHED 2803/nginx: worker
tcp 0 250560 scesgo.com.br:http 187-032-127-109.s:45524 ESTABLISHED 2799/nginx: worker
tcp 0 0 scesgo.com.br:http 189-70-160-137.use:2102 ESTABLISHED 2801/nginx: worker
tcp 0 0 scesgo.com.br:http 201.86.184.50.dyna:3432 TIME_WAIT -
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1386 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50590 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:60603 localhost.localdo:mysql ESTABLISHED 5242/smtpd
tcp 0 0 scesgo.com.br:http 201.86.184.50.dyna:3430 TIME_WAIT -
tcp 0 0 serv14.vecks.com.:55658 kudan.canonical.co:http TIME_WAIT -
tcp 0 0 localhost.localdo:mysql localhost.localdo:60606 ESTABLISHED 4257/mysqld
tcp 0 0 localhost.localdo:mysql localhost.localdo:60605 ESTABLISHED 4257/mysqld
tcp 0 0 serv14.vecks.com.:60787 haetae.canonical.c:http TIME_WAIT -
tcp 0 220704 scesgo.com.br:http 177.157.94.147.dyn:1401 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50585 ESTABLISHED 2799/nginx: worker
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50591 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:60600 localhost.localdo:mysql ESTABLISHED 7596/trivial-rewrit
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1390 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:60599 localhost.localdo:mysql ESTABLISHED 7816/proxymap
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1384 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:smtp 50.22.82.220-stat:58652 TIME_WAIT -
tcp 0 0 localhost.localdo:10025 localhost.localdo:58816 TIME_WAIT -
tcp 0 0 localhost.localdo:mysql localhost.localdo:60603 ESTABLISHED 4257/mysqld
tcp 0 0 serv14.vecks.com.:38046 odd.varnish-softwa:http TIME_WAIT -
tcp 0 0 localhost.localdo:60602 localhost.localdo:mysql ESTABLISHED 5242/smtpd
tcp 0 0 localhost.localdo:mysql localhost.localdo:60442 ESTABLISHED 4257/mysqld
tcp 0 55068 scesgo.com.br:http 189-74-52-71.gnal:61294 ESTABLISHED 2800/nginx: worker
tcp 0 115784 scesgo.com.br:http 189-74-52-71.gnal:61292 ESTABLISHED 2800/nginx: worker
tcp 0 0 serv14.vecks.com.:45655 jatoba.canonical.c:http TIME_WAIT -
tcp 0 48008 scesgo.com.br:http 189-74-52-71.gnal:64878 ESTABLISHED -
tcp 0 0 scesgo.com.br:pop3 serv192.scesgo.co:50865 TIME_WAIT -
tcp 0 0 localhost.localdo:mysql localhost.localdo:60601 ESTABLISHED 4257/mysqld
tcp 0 0 localhost.localdo:10025 localhost.localdo:58756 TIME_WAIT -
tcp 0 108724 scesgo.com.br:http 189-74-52-71.gnal:61288 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 201.86.184.50.dyna:3433 TIME_WAIT -
tcp 0 0 scesgo.com.br:http 187.4.99.33:50676 ESTABLISHED 2800/nginx: worker
tcp 0 0 serv14.vecks.com.:45631 jatoba.canonical.c:http TIME_WAIT -
tcp 0 213250 scesgo.com.br:http 201.22.177.140.dy:rootd FIN_WAIT1 -
tcp 0 0 scesgo.com.br:http 187.4.99.33:50698 ESTABLISHED 2800/nginx: worker
tcp 0 36 dns25513.dizinc.com:ssh 177.17.199.240.dy:46833 ESTABLISHED 2469/0
tcp 0 0 localhost.localdo:10025 localhost.localdo:58818 ESTABLISHED 7637/smtpd
tcp 0 0 localhost.localdo:mysql localhost.localdo:60614 ESTABLISHED 4257/mysqld
tcp 0 0 localhost.localdo:mysql localhost.localdo:60602 ESTABLISHED 4257/mysqld
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1396 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:58821 localhost.localdo:10025 ESTABLISHED 7835/amavisd (ch2-a
tcp 0 0 localhost.localdo:10025 localhost.localdo:58821 ESTABLISHED 7841/smtpd
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50583 ESTABLISHED 2799/nginx: worker
tcp 0 0 serv14.vecks.com.:56795 scandium.canonical:http TIME_WAIT -
tcp 0 0 serv14.vecks.com.:35984 orobas.canonical.c:http TIME_WAIT -
tcp 0 283140 scesgo.com.br:http 201-15-83-128.gnac:3945 ESTABLISHED 2803/nginx: worker
tcp 0 0 scesgo.com.br:http 189-70-160-137.use:2094 ESTABLISHED 2801/nginx: worker
tcp 0 0 scesgo.com.br:http 187.4.99.33:50674 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:60442 localhost.localdo:mysql ESTABLISHED 7175/amavisd (ch7-a
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1382 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1380 ESTABLISHED 2800/nginx: worker
tcp 0 0 serv14.vecks.com.:59141 obake.canonical.co:http TIME_WAIT -
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50584 ESTABLISHED 2799/nginx: worker
tcp 0 0 localhost.localdo:60164 localhost.localdo:mysql TIME_WAIT -
tcp 0 0 scesgo.com.br:pop3 serv192.scesgo.co:49409 TIME_WAIT -
tcp 0 0 scesgo.com.br:http 187.4.99.33:50675 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:60614 localhost.localdo:mysql ESTABLISHED 7835/amavisd (ch2-a
tcp 0 0 localhost.localdo:60605 localhost.localdo:mysql ESTABLISHED 7816/proxymap
tcp 0 132728 scesgo.com.br:http 189-74-52-71.gnal:61289 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdom:http localhost.localdo:53955 TIME_WAIT -
tcp 0 388800 scesgo.com.br:http 187-032-127-109.s:45528 ESTABLISHED 2799/nginx: worker
tcp 0 0 scesgo.com.br:http 187.4.99.33:50677 ESTABLISHED 2800/nginx: worker
tcp 0 79072 scesgo.com.br:http 189-74-52-71.gnal:64879 ESTABLISHED -
tcp 0 0 scesgo.com.br:http 187.4.99.33:50672 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:60606 localhost.localdo:mysql ESTABLISHED 7816/proxymap
tcp 0 66364 scesgo.com.br:http 189-74-52-71.gnal:64814 ESTABLISHED 2799/nginx: worker
tcp 0 0 scesgo.com.br:http 187.113.38.202.st:37488 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:57652 localhost.localdoma:ftp TIME_WAIT -
tcp 0 0 scesgo.com.br:http 201-15-113-25.gna:50581 ESTABLISHED 2799/nginx: worker
tcp 0 0 scesgo.com.br:http 177.157.94.147.dyn:1380 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:mysql localhost.localdo:60599 ESTABLISHED 4257/mysqld
tcp 0 0 localhost.localdom:http localhost.localdo:53941 TIME_WAIT -
tcp 0 0 scesgo.com.br:http 187.4.99.33:50673 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:60601 localhost.localdo:mysql ESTABLISHED 7816/proxymap
tcp 0 0 scesgo.com.br:http 187.113.38.202.st:37489 ESTABLISHED 2800/nginx: worker
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1388 ESTABLISHED 2800/nginx: worker
tcp 0 0 localhost.localdo:58818 localhost.localdo:10025 ESTABLISHED 7175/amavisd (ch7-a
tcp 0 0 scesgo.com.br:http 189-72-231-21.e.gn:1395 ESTABLISHED 2800/nginx: worker
tcp6 0 0 [::]:ssh [::]:* LISTEN 924/sshd
tcp6 0 0 [::]:submission [::]:* LISTEN 3091/master
tcp6 0 0 [::]:pop3 [::]:* LISTEN 1133/dovecot
tcp6 0 0 [::]:imap2 [::]:* LISTEN 1133/dovecot
tcp6 0 0 [::]:ftp [::]:* LISTEN 3113/pure-ftpd (SER
tcp6 0 0 [::]:domain [::]:* LISTEN 1120/named
tcp6 0 0 [::]:smtp [::]:* LISTEN 3091/master
tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 1120/named
tcp6 0 0 [::]:6081 [::]:* LISTEN 3165/varnishd
tcp6 0 0 [::]:imaps [::]:* LISTEN 1133/dovecot
tcp6 0 0 [::]:pop3s [::]:* LISTEN 1133/dovecot
Code:
root@serv14:/etc/dovecot# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps
fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP tcp -- anywhere loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- base-address.mcast.net/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (21 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (5 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:22
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:submission
PAROLE tcp -- anywhere anywhere tcp dpt:imaps
PAROLE tcp -- anywhere anywhere tcp dpt:pop3s
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:5232
PAROLE tcp -- anywhere anywhere tcp dpt:2812
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:tproxy
PAROLE tcp -- anywhere anywhere tcp dpt:8082
PAROLE tcp -- anywhere anywhere tcp dpt:8083
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
PAROLE tcp -- anywhere anywhere tcp dpts:40000:45000
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
ACCEPT udp -- anywhere anywhere udp dpt:5232
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (5 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-dovecot-pop3imap (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
You have new mail in /var/mail/root
root@serv14:/etc/dovecot#