0

OS = Debian 10.

When I run netstat -natp, I have two unidentified entries which are concerning.

tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      24310/redis-server  


tcp6       0      0 :::4949                 :::*                    LISTEN      1556/perl

I keep the system updated weekly and do not remember seeing or installing redis-server. Also, I cannot find a program outside of munin associated with perl on port 4949. Any help or advice is appreciated.

branch.lizard
  • 101
  • 1
  • 1
    What exactly do you want help or advice with? You seem to have correctly identified the running programs. – Michael Hampton Jun 12 '20 at 03:17
  • Do you have any idea why `redis-server` would just show up in the netstat entries? Also, should I be concerned about perl listening on port 4949? – branch.lizard Jun 12 '20 at 03:21
  • 1
    Because someone installed it, and because it's a Debian system, Debian autostarted it. I have no idea whether you should be concerned about what appears to be munin-node. – Michael Hampton Jun 12 '20 at 03:23
  • Took at look at `/var/log/apt/history.log` and found `redis-server` tied as a dependency to `ntopng` which was installed recently. I attempted to purge the program, but I guess it was left behind. Still searching for `munin`. It may not seem like it, but your questioning has helped. `sudo apt purge redis*` removed the `netstat` entry. – branch.lizard Jun 12 '20 at 03:27
  • 1
    Consider the possibility that it might be something else? Check its command line, e.g. with `ps 1506`. – Michael Hampton Jun 12 '20 at 03:37
  • `1556 ? Ss 1:04 /usr/bin/perl -wT /usr/sbin/munin-node` look to be a munin-node – branch.lizard Jun 12 '20 at 03:42

1 Answers1

0

Took at look at /var/log/apt/history.log and found redis-server tied as a dependency to ntopng which was installed recently. I attempted to purge the program, but I guess it was left behind. sudo apt purge redis* removed the netstat entry.

After running sudo ps 1556 (as suggested by Michael Hampton above), the perl program seems to be a munin-node. It seems the munin node is a dependency tied to the virt-goodies package used for virtualbox. It seems to only be listening to local traffic and is needed for vituralbox to run properly, so I will be leaving it.

branch.lizard
  • 101
  • 1