
We are investigating high outbound traffic on Tomcat servers hosted on AWS instances.

The specific question I have is: what is the process nodeJR, and how could it get installed under Tomcat?

The situation:

  • There were open TCP connections from my IP to 162.221.12.185
  • 165.221.12.185 is resolving as “clear-ddos.com” which is a DDOS scrubbing service
  • The Admin team blocked all inbound / outbound traffic to 165.221.12.185
  • The network traffic stabilized after blocking the traffic
  • Via netstat we saw the Tomcat server was still attempting to establish the TCP connection; however, it was failing since the traffic was blocked. We saw multiple SYN requests and retries.
  • We tied this connection to the process “nodeJR”; it appears this was installed under root 7 days back:

tcp 0 1 172.x.x.x:35073 162.221.12.185:10991 SYN_SENT 7950/./nodeJR

  • We killed the process and restarted the server. The process did not restart.

As per @metacom's comment, I ran strings on the /nodeJR process. ldd says it is not a dynamic executable.

In between the wall of 4-character text, I can see:

QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQj
WVSV
@@=<
;F<s
P XZ
WVSQ
GLIBCXX_FORCE_NEW
%s:%s
%d:%d
www.baidu.com
fake.cfg
GLIBCXX_FORCE_NEW
dlcfg
St12out_of_range
GLIBCXX_FORCE_NEW
vector::_M_insert_aux
GLIBCXX_FORCE_NEW
vector::_M_insert_aux
8.8.8.8
GLIBCXX_FORCE_NEW
253-312-21/094
2/:82
GLIBCXX_FORCE_NEW
/proc/cpuinfo
cpu MHz
cpu MHz         : %d.%d
/proc/stat
cpu %llu %llu %llu %llu
processor
%s %llu %llu %llu %llu
/proc/net/dev
%7s %llu %lu %lu %lu %lu %lu %lu %lu %llu %lu %lu %lu %lu %lu %lu %lu
13CThreadAttack
GLIBCXX_FORCE_NEW
vector::_M_insert_aux
vector::_M_fill_insert
(%d)
19CThreadAttackKernal
GLIBCXX_FORCE_NEW
/proc/net/route
%5s %8x %8x %s
/proc/net/arp
%16s 0x%d 0x%d %20s %s
%2x:%2x:%2x:%2x:%2x:%2x
/proc/net/pktgen/kpktgend_%d
add_device eth%d
rem_device_all
max_before_softirq 10000
/proc/net/pktgen/eth%d
count 0
clone_skb 0
min_pkt_size %d
max_pkt_size %d
TXSIZE_RND
src_min %s
src_max %s
IPSRC_RND
udp_src_min %d
udp_src_max %d
UDPSRC_RND
dst %s
dst_mac %02x:%02x:%02x:%02x:%02x:%02x
udp_dst_min %d
udp_dst_max %d
loop_type %d
multi_dst %s
delay %d
pkt_type %d
dns_domain %s
start
/proc/net/pktgen/pgctrl
17CThreadHostStatus
GLIBCXX_FORCE_NEW
18CThreadTaskManager
12CThreadTimer
GLIBCXX_FORCE_NEW
.ndfs30_api_log_utility_file_cut_and_move
DEBUG
INFO
WARNING
FATAL
[ %02d.%02d %02d:%02d:%02d.%03ld ] [%lu] [%s] %s
5CMd5A
%02x
7CThread
GLIBCXX_FORCE_NEW
%lld
vector::_M_insert_aux
%d.%d.%d.%d
vector::_M_fill_insert
/proc/%d/exe
FATAL: exception not rethrown
2.3.5
/proc/sys/kernel/version
GLIBCXX_FORCE_NEW
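An added example (not code from the question or the comments): a small Python triage script that applies the two checks made in this thread, parsing netstat -antp style lines to flag a process started from a relative path, talking to a host the firewall now blocks, or repeatedly stuck in SYN_SENT, and scanning strings output for the indicator families visible above (the CThreadAttack class names, the /proc/net/pktgen control strings, the hard-coded hosts). The netstat and strings samples are constructed for the example, with the question's own nodeJR line and a subset of its strings included; the blocked-host set is an assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed `netstat -antp` sample; the nodeJR line is the one quoted in the question.
NETSTAT_SAMPLE = """\
tcp 0 0 172.31.5.10:8080 10.0.0.7:51234 ESTABLISHED 1203/java
tcp 0 1 172.x.x.x:35073 162.221.12.185:10991 SYN_SENT 7950/./nodeJR
tcp 0 1 172.31.5.10:35074 162.221.12.185:10991 SYN_SENT 7950/./nodeJR
"""

# Constructed subset of the `strings` output posted in the question.
STRINGS_SAMPLE = """\
www.baidu.com
8.8.8.8
13CThreadAttack
19CThreadAttackKernal
/proc/net/pktgen/kpktgend_%d
add_device eth%d
pkt_type %d
"""

NETSTAT_RE = re.compile(
    r"^(?P<proto>tcp6?|udp6?)\s+\d+\s+\d+\s+(?P<local>\S+)\s+(?P<remote>\S+)"
    r"\s+(?P<state>\S+)\s+(?P<pid>\d+)/(?P<prog>\S+)$"
)

# Indicator families worth grepping for; needles come from the question's strings.
STRING_INDICATORS = {
    "attack_thread": ["CThreadAttack", "CThreadAttackKernal"],  # mangled C++ class names
    "pktgen_flood": ["/proc/net/pktgen", "add_device eth", "pkt_type"],  # kernel packet generator
    "hardcoded_hosts": ["www.baidu.com", "8.8.8.8"],  # likely reachability checks
}

def parse_netstat(text):
    """Parse `Proto Recv-Q Send-Q Local Foreign State PID/Program` rows into dicts."""
    rows = []
    for line in text.splitlines():
        m = NETSTAT_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def suspicious_processes(rows, blocked_hosts):
    """Map 'pid/prog' -> set of reasons the process deserves a closer look."""
    reasons = defaultdict(set)
    syn_sent = Counter()
    for r in rows:
        key = f"{r['pid']}/{r['prog']}"
        rhost = r["remote"].rsplit(":", 1)[0]
        if r["prog"].startswith("./"):      # launched by relative path, not a packaged service
            reasons[key].add("relative_path")
        if rhost in blocked_hosts:          # still dialling a host the firewall now drops
            reasons[key].add("blocked_host")
        if r["state"] == "SYN_SENT":
            syn_sent[(key, rhost)] += 1
    for (key, rhost), n in syn_sent.items():
        if n >= 2:                          # repeated half-open connects = retry loop
            reasons[key].add("syn_retries")
    return dict(reasons)

def classify_strings(strings_output):
    """Return {family: [needles found]} for each indicator family present."""
    found = {}
    for label, needles in STRING_INDICATORS.items():
        matched = sorted(n for n in needles if n in strings_output)
        if matched:
            found[label] = matched
    return found

if __name__ == "__main__":
    print(suspicious_processes(parse_netstat(NETSTAT_SAMPLE), {"162.221.12.185"}))
    print(classify_strings(STRINGS_SAMPLE))
```

Feed it real `netstat -antp` and `strings` output to get a list of process keys with reasons and the indicator families found; an empty result for both is the expected outcome on a clean host.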
  • could you upload the binary somewhere? if not the output of strings and ldd may give an idea – metacom Apr 15 '14 at 13:40
  • @metacom: added strings output - not sure what I should be looking for though – JoseK Apr 15 '14 at 14:12
  • An unknown process opening (many) connections to the outside is malicious, typically trying to brute-force passwords or generate DoS. Some texts in its contents are not reassuring: "attack thread" "money" "baidu.com" (large Chinese site). You can try and contact the end point web site to verify, probably just a victim. The malicious code probably came due to a web vulnerability and a random scan. In any case you can treat this as http://serverfault.com/questions/218005/how-do-i-deal-with-a-compromised-server – LinuxDevOps Apr 15 '14 at 14:33
  • All evidence confirms one fact: the server has been compromised. Upon isolation of the server your team's gonna be busy conducting a thorough security audit... Not sure how the community might help you though. – yrk Apr 20 '14 at 13:38
  • I'm seeing these strings in malware sample having md5 4f8b6c732cd0fc99b4c566942c02d751, which virustotal sees as Backdoor.Linux.Mayday. If you view the outbound traffic in TCPDump, you'll see the output of `uname -sr` and a lot of nulls in the packets leaving your network. – Travis Jan 15 '15 at 21:54
