Quoting Robert Varga ([EMAIL PROTECTED]):
>
> How can I determine the process belonging to a tcp connection on my
> machine? I have a couple of connection which I find very unnerving:
>
> netstat -a | grep aiesec produces the output:
>
> tcp 0 0 mymachine:27567 aiesecplanet.satim:auth
> ESTABLISHED
> tcp 0 0 mymachine:27434 aiesecplanet.satim:auth
> ESTABLISHED
> tcp 0 0 mymachine:27426 aiesecplanet.satim:auth
> ESTABLISHED
> tcp 0 0 mymachine:27389 aiesecplanet.satim:auth
> ESTABLISHED
> tcp 0 0 mymachine:26779 aiesecplanet.satim:auth
> ESTABLISHED
> tcp 0 0 mymachine:1097 aiesecplanet.satim:auth
> ESTABLISHED
/
--------------
/
fuser -n tcp -u <nnnnn>
prints the pid, then
ps auxwww | grep <pid>
tells you the process commandline.
> How can I find what communication is taking place on these connections?
tcpdump -l -n -i <interface> [host <host>] | tee <somefile>
to watch the traffic.
Cheers,
--
Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151
Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
Disclaimer: These addresses are only for reaching me, and do not signify
official stationery. Views expressed here are either my own or plagiarised.
