ssh connection with localhost.6010

From: Edgardo Mina (edgardo@staff.singnet.com.sg)
Date: 02/28/03 

Date: Fri, 28 Feb 2003 10:47:20 +0800
To: secureshell@securityfocus.com
From: Edgardo Mina <edgardo@staff.singnet.com.sg>

Hi SSH gurus,

can somebody explain to me, why is it that every time i connect to my
server, it open a ports for ssh starting with 6010, when an ssh connection
is established it supposed to be on port 22. how can we eliminate this from
happening since from my understanding this port will be open and starts
listening. an example of my netstat is here with 2 ssh connection, please
notice the 2 localhost using port 6010 and 6011 and with state of LISTEN

UDP: IPv4
    Local Address Remote Address State
-------------------- -------------------- -------
       *.syslog Idle
       *.177 Idle
       *.* Unbound

TCP: IPv4
    Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
       *.* *.* 0 0 24576 0 IDLE
       *.5987 *.* 0 0 24576 0 LISTEN
       *.898 *.* 0 0 24576 0 LISTEN
       *.32768 *.* 0 0 24576 0 LISTEN
       *.9010 *.* 0 0 24576 0 LISTEN
       *.32769 *.* 0 0 24576 0 LISTEN
       *.https *.* 0 0 24576 0 LISTEN
       *.www *.* 0 0 24576 0 LISTEN
       *.ssh *.* 0 0 24576 0 LISTEN
       *.6000 *.* 0 0 24576 0 LISTEN
tp-mrtg.ssh dhcp143.domain.com.sg.1367 17392 47 24820 0
ESTABLISHED
localhost.6010 *.* 0 0 24576 0 LISTEN
tp-mrtg.ssh dhcp143.domain.com.sg.1384 16224 0 24820 0
ESTABLISHED
localhost.6011 *.* 0 0 24576 0 LISTEN
       *.* *.* 0 0 24576 0 IDLE

TCP: IPv6
    Local Address Remote Address Swind
Send-Q Rwind Recv-Q State If
--------------------------------- --------------------------------- -----
------ ----- ------ ----------- -----
       *.* *.* 0
     0 24576 0 IDLE

Active UNIX domain sockets
Address Type Vnode Conn Local Addr Remote Addr
300016fcf38 stream-ord 00000000 00000000
300016fd0e8 stream-ord 30000be2318 00000000
/tmp/ssh-gdazU440/agent.440
300016fd298 stream-ord 00000000 00000000 (socketpair)
300016fd448 stream-ord 00000000 00000000
300016fd5f8 stream-ord 30000be26d8 00000000
/tmp/ssh-ROgev370/agent.370
300016fd7a8 stream-ord 00000000 00000000 (socketpair)
300016fd958 stream-ord 30000915bc0 00000000 /tmp/.X11-unix/X0
300016fdb08 stream-ord 00000000 00000000
300016fdcb8 stream-ord 30001706fc0 00000000 /var/spool/prngd/pool

hope you can help me,

thanks and regards,
Ed

Relevant Pages

  • Re: ssh gives "Permission denied, please try again"
    ... port 22 on your internal machine, so you will need to keep ssh up to ... I configure the router to forward a different external port to 22 on my ... For good measure pick usernames that are none obvious, ... root/password: 163 times ...
    (uk.comp.os.linux)
  • [NEWS] SSH service at Dell DRAC4 Denial of Service (Mocana)
    ... SSH service at Dell DRAC4 Denial of Service ... Dell Remote Access Card 4 allows customers to effectively manage ... After the use of such a port scanner, ...
    (Securiteam)
  • Re: Remote Desktop directly to another computer on the network
    ... default port... ... And there is no reason for me to believe that ssh ... When I have a multibillion company I will use the key pair, ... WinSCP for that to access my home SSH server. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: SSH safety
    ... SSH safety (J.L. ... FC3 missing KDE menu items ... I was wondering how safe it is to open the ssh port up to the internet. ...
    (Fedora)
  • Re: Mac `owned in hacking competition
    ... the router's port forwarding rules. ... The firewall or a NAT router only stops connections initiated from ... ssh will let you set up forwarded ports in both ... You start an ssh session from the target machine (this is ...
    (uk.comp.sys.mac)