[opensuse] question about a seccheck output
Hi,
this is from a laptop running 13.2. I am running seccheck every day and normally have no particular entries. Today the machine was going very slow, and this evening I got quite some lines like the following:

+ dnsmasq dnsmasq 0t0 UDP *:5011
- dnsmasq dnsmasq 0t0 UDP *:53317
- nscd nscd 0t0 UDP 127.0.0.1:53062->127.0.0.1:53
+ kio_pop3 mercurio 0t0 UDP 127.0.0.1:36538->127.0.0.1:53 (several entries)
+ nscd nscd 0t0 UDP 127.0.0.1:40609->127.0.0.1:53 (several entries)

For what I understand, that should be normal in the sense that I am using dnssec via dnsmasq on port 53 and have therefore set my dns server to 127.0.0.1. But normally I never find trace of kio_pop in the seccheck, so I am asking myself if I did configure something wrong in my router. That would explain why today I had trouble a few times to open firefox, as probably it was trying to check for the right dns.

Any comment about the entry, in the sense that I do not really clearly understand how to read the output. E.g. we have a new entry "+" today for kio_pop3 (which is the pop-client of kmail?) of the user mercurio. "0t0": I do not understand 0t0. UDP is the protocol used, communicates with localhost on port 53062 as desired, and the local host then did communicate to port 53 to ask for DNS. Right?

So substantially the question would be, why the kio_pop3 entries appeared in the first place. The other entries (nscd, dnsmasq, dhclient) I am used to see as "business as usual".

Thank you for illuminating me on the way to read the output right and to understand if there is a problem with my router settings. Currently all seems normal when browsing or in general operation.
However, I am worried about what I see when I do

sudo lsof -i | egrep "COMMAND|LISTEN|UDP"

which gives:

COMMAND   PID USER     FD TYPE DEVICE SIZE/OFF NODE NAME
systemd     1 root    21u IPv4   8132      0t0 TCP  *:sunrpc (LISTEN)
systemd     1 root    22u IPv4   8133      0t0 UDP  *:sunrpc
systemd     1 root    23u IPv6   8134      0t0 TCP  *:sunrpc (LISTEN)
systemd     1 root    24u IPv6   8135      0t0 UDP  *:sunrpc
rpcbind  1774 rpc      4u IPv4   8132      0t0 TCP  *:sunrpc (LISTEN)
rpcbind  1774 rpc      5u IPv4   8133      0t0 UDP  *:sunrpc
rpcbind  1774 rpc      6u IPv6   8134      0t0 TCP  *:sunrpc (LISTEN)
rpcbind  1774 rpc      7u IPv6   8135      0t0 UDP  *:sunrpc
cupsd    2232 root     7u IPv4  19734      0t0 TCP  localhost:ipp (LISTEN)
cupsd    2232 root     9u IPv4  19737      0t0 UDP  *:ipp
dnsmasq  2330 dnsmasq  4u IPv4  16366      0t0 UDP  *:domain
dnsmasq  2330 dnsmasq  5u IPv4  16367      0t0 TCP  *:domain (LISTEN)
dnsmasq  2330 dnsmasq  6u IPv6  16368      0t0 UDP  *:domain
dnsmasq  2330 dnsmasq  7u IPv6  16369      0t0 TCP  *:domain (LISTEN)
ntpd     2390 ntp     16u IPv4  21819      0t0 UDP  *:ntp
ntpd     2390 ntp     17u IPv6  21849      0t0 UDP  *:ntp
ntpd     2390 ntp     18u IPv4  21854      0t0 UDP  localhost:ntp
ntpd     2390 ntp     21u IPv4  43748      0t0 UDP  192.168.178.28:ntp
sendmail 2399 root     4u IPv4  20612      0t0 TCP  localhost:smtp (LISTEN)
dhclient 2509 root     6u IPv4  22814      0t0 UDP  *:bootpc
dhclient 2509 root    20u IPv4  23648      0t0 UDP  *:59499
dhclient 2509 root    21u IPv6  23649      0t0 UDP  *:43776
clamd    2532 vscan    4u IPv4  20132      0t0 TCP  localhost:dyna-access (LISTEN)

Further questions: why is sunrpc listening? (The others are clear to me.) As this is systemd, it may be that now that is normal and needed to watch over other applications, but I would like to be sure. Also, why do I have bootpc running? Is this needed and if not, where can I shut this service down?

Did run:

ps u 1774
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
rpc       1774  0.0  0.0  44924  3640 ?        Ss   ott16   0:00 /sbin/rpcbind -w -f

which does not tell me much more. Thankful for any information.

--
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-17 01:18, stakanov@freenet.de wrote:

> + kio_pop3 mercurio 0t0 UDP 127.0.0.1:36538->127.0.0.1:53 (several entries)
> + nscd nscd 0t0 UDP 127.0.0.1:40609->127.0.0.1:53 (several entries)
>
> For what I understand, that should be normal in the sense that I am using dnssec via dnsmasq on port 53 and have therefore set my dns server to 127.0.0.1. But normally I never find trace of kio_pop in the seccheck, so I am asking myself if I did configure something wrong in my router. That would explain why today I had trouble a few times to open firefox, as probably it was trying to check for the right dns.

It means, I understand, that that process was running the instant the check was running. I.e., that kmail was checking for email that instant.

-- 
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" (Minas Tirith))
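
Added example, not part of the original thread and not seccheck's own code: a small Python parser for the diff lines quoted in the first post. It separates connected client sockets (lsof prints `local->remote` in the NAME column, as in the kio_pop3 and nscd entries discussed in the reply) from sockets that are only bound to an address. The category names are assumptions chosen for this sketch, and the "(several entries)" annotations are dropped from the sample.

```python
import re

# Diff lines from the first post ("+" = new since the last run, "-" = gone).
SAMPLE = """\
+ dnsmasq dnsmasq 0t0 UDP *:5011
- dnsmasq dnsmasq 0t0 UDP *:53317
- nscd nscd 0t0 UDP 127.0.0.1:53062->127.0.0.1:53
+ kio_pop3 mercurio 0t0 UDP 127.0.0.1:36538->127.0.0.1:53
+ nscd nscd 0t0 UDP 127.0.0.1:40609->127.0.0.1:53
"""

# Columns: sign, COMMAND, USER, SIZE/OFF, NODE (TCP/UDP), NAME, optional "(STATE)"
LINE = re.compile(
    r"^([+-])\s+(\S+)\s+(\S+)\s+(\S+)\s+(TCP|UDP)\s+(\S+)(?:\s+\((\w+)\))?")
LOOPBACK = {"127.0.0.1", "localhost", "[::1]"}
DNS_PORTS = {"53", "domain"}  # lsof prints service names unless run with -P

def endpoint(text):
    """Split 'host:port' on the last colon so '[::1]:53' also works."""
    host, _, port = text.rpartition(":")
    return host, port

def classify(line):
    """Return (sign, command, user, kind) for one diff line, or None."""
    m = LINE.match(line.strip())
    if not m:
        return None
    sign, cmd, user, _off, _proto, name, state = m.groups()
    if "->" in name:
        # local->remote: a connected socket, so this process is the client side.
        rhost, rport = endpoint(name.split("->", 1)[1])
        local_dns = rhost in LOOPBACK and rport in DNS_PORTS
        return sign, cmd, user, ("client-of-local-resolver" if local_dns
                                 else "client-connection")
    host, _port = endpoint(name)
    if host == "*":
        # Bound to every interface; with (LISTEN) it accepts TCP connections.
        kind = "listening-all-interfaces" if state == "LISTEN" else "bound-all-interfaces"
        return sign, cmd, user, kind
    return sign, cmd, user, "bound-loopback" if host in LOOPBACK else "bound-one-address"

def review(text):
    """Classify every parseable line of a seccheck-style port diff."""
    return [row for row in map(classify, text.splitlines()) if row]

if __name__ == "__main__":
    for sign, cmd, user, kind in review(SAMPLE):
        print(f"{sign} {cmd:<9} {user:<9} {kind}")
```

Entries classified as `client-of-local-resolver` come and go with each lookup, so which processes appear depends on what was running at the moment of the check; the `*`-bound entries are the ones to compare against the list of services expected on the machine.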