I am on a VPS. With tcpdump I noticed some traffic from and to port 4001 on my machine.
I tried lsof -i :4001, which gives nothing.
I tried tcpkill port 4001, which gives "tcpkill: write: Operation not permitted".
I also have this port blocked with a firewall (input and output).
Would you have any idea what this traffic is, why I cannot see the process and why I cannot stop it?
tcpdump -n -X gives something like this:
11:29:59.434409 IP foreignIP.4018 > myIP.4001: Flags [.], ack 1, win 501, length 0
0x0000: 4500 0028 766e 4000 3406 3df2 334f e45d E..(vn@.4.=.3O.]
0x0010: 8b63 ef5f 0fb2 0fa1 9dd6 1baf 7215 425c .c._........r.B\
0x0020: 5010 01f5 8e25 0000 P....%..
11:29:59.454867 IP myIP.4001 > foreignIP.4004: Flags [.], ack 1, win 6141, length 0
0x0000: 4500 0028 ae3d 4000 7f06 bb22 8b63 ef5f E..(.=@....".c._
0x0010: 334f e45d 0fa1 0fa4 4a40 3666 3405 791f 3O.]....J@6f4.y.
0x0020: 5010 17fd b857 0000
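
Added example, not part of the original post: a short Python decoder for the two packets in the tcpdump -X output above. It validates the IPv4 header checksum and extracts the TTL, ports, TCP flags, window and payload length; the function and constant names are illustrative, and the hex is copied from the dump.

```python
import struct

# Hex columns of the two packets shown in the tcpdump -X output above.
INBOUND = ("4500 0028 766e 4000 3406 3df2 334f e45d "
           "8b63 ef5f 0fb2 0fa1 9dd6 1baf 7215 425c 5010 01f5 8e25 0000")
OUTBOUND = ("4500 0028 ae3d 4000 7f06 bb22 8b63 ef5f "
            "334f e45d 0fa1 0fa4 4a40 3666 3405 791f 5010 17fd b857 0000")

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 .. bit 5


def ip_checksum_ok(raw, ihl):
    """One's-complement sum over the IPv4 header must fold to 0xFFFF."""
    total = sum(struct.unpack("!%dH" % (ihl // 2), raw[:ihl]))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def decode(hexdump):
    """Decode the IPv4 and TCP headers of one packet given as hex text."""
    raw = bytes.fromhex(hexdump.replace(" ", ""))
    if len(raw) < 20:
        raise ValueError("too short for an IPv4 header")
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum = struct.unpack(
        "!BBHHHBBH", raw[:12])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or proto != 6 or ihl < 20 or len(raw) < ihl + 20:
        raise ValueError("not a complete IPv4/TCP packet")
    sport, dport, _seq, _ack, off_flags, window = struct.unpack(
        "!HHIIHH", raw[ihl:ihl + 16])
    data_off = (off_flags >> 12) * 4
    return {
        "ip_checksum_ok": ip_checksum_ok(raw, ihl),
        "ttl": ttl,
        "sport": sport,
        "dport": dport,
        "flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)],
        "window": window,
        "payload_len": total_len - ihl - data_off,
    }


if __name__ == "__main__":
    for name, dump in (("inbound", INBOUND), ("outbound", OUTBOUND)):
        print(name, decode(dump))
```

Both packets decode as bare ACKs with no payload. The TTL is reported because a packet generated by the local stack is captured before any hop decrements it, so a value on an outgoing packet that differs from the local default (commonly 64 on Linux) is worth checking.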