mir.archlinux.fr sending ACK packages when I'm not running pacman.

pepeapepepe · 2011-05-18 06:30:42

Hi everyone,

I saw the blinking leds of my router indicating network activity when i was, _afaik_ not using the network at all. ( all computers off but my laptop (not using network, again _afaict_ ) ).

So, I ran tcpdump in the laptop and find the following:

03:08:13.842092 IP mir.archlinux.fr.http > 200.0.0.4.37041: Flags [.], seq 748568:750008, ack 1, win 16384, options [nop,nop,TS val 4002395154 ecr 441670], length 1440
03:08:13.842198 IP 200.0.0.4.37041 > mir.archlinux.fr.http: Flags [.], ack 750008, win 7162, options [nop,nop,TS val 446046 ecr 4002395154], length 0
03:08:13.855927 IP mir.archlinux.fr.http > 200.0.0.4.37041: Flags [P.], seq 750008:750072, ack 1, win 16384, options [nop,nop,TS val 4002395164 ecr 441670], length 64
03:08:13.856176 IP 200.0.0.4.37041 > mir.archlinux.fr.http: Flags [.], ack 750072, win 7162, options [nop,nop,TS val 446050 ecr 4002395164], length 0

I _know_ I was not running pacman. But, I was having problems when updating from this mirror another arch-instalation so I had to kill pacaman (almost 24 hours before this incident).

I post this here hoping someone could point me a potential problem because I don't know whats going on.

Which could, posibly, be the problem here?

cheers.

Edit: Subject typo.

Last edited by pepeapepepe (2011-05-18 07:35:01)

fukawi2 · 2011-05-18 09:09:16

Have a look and see what (if anything) is talking to it:

netstat -tnp | fgrep 213.186.62.207

Also, run tcpdump with the -n option; reverse DNS can be anything. I could set my IP address to mir.archlinux.fr if I wanted, doesn't mean my host is mir.archlinux.fr

Last edited by fukawi2 (2011-05-18 09:09:43)

Arch Linux

#1 2011-05-18 06:30:42

mir.archlinux.fr sending ACK packages when I'm not running pacman.

#2 2011-05-18 09:09:16

Re: mir.archlinux.fr sending ACK packages when I'm not running pacman.

Board footer