[clug-talk] using lsof to track down and match connections and PIDs

Gustin Johnson gustin at echostar.ca
Thu Jan 8 11:32:46 PST 2009



At last night's meeting someone asked Simon and me how to track down which
process was pinging Mandriva every 5 seconds.  I was pretty sure that
lsof was the right tool for the job, and sure enough, it looks like it is.

It turns out that one of my favourite sites has even more ideas than I
did.

http://dmiessler.com/study/lsof/

The short short version is that some of these might be useful:

To look for the DNS request part
lsof -iUDP

Shows all connections
lsof -i

Shows connections to a given IP or an IP and a port
lsof -i@<ip>
lsof -i@<ip>:<port>

Hth,


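Added example, not part of the original post: lsof's field output (`-F pcn`, one field per line) is easier to script than the table view, so the function below tallies which PID and command hold sockets to a given remote IPv4 address or address:port. The helper name `match_conns`, the sample lsof output, and its PIDs, command names and addresses are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `lsof -nP -i -F pcn` output, two polls concatenated.
# Field lines: p<pid>, c<command>, f<fd>, n<endpoint>.
sample_lsof_output() {
    cat <<'EOF'
p812
cavahi-daemon
f12
n*:5353
p2044
cfirefox
f57
n192.0.2.10:40112->198.51.100.7:443
p3310
cupdatecheck
f9
n192.0.2.10:51876->203.0.113.5:80
p812
cavahi-daemon
f12
n*:5353
p3310
cupdatecheck
f11
n192.0.2.10:51901->203.0.113.5:80
EOF
}

# match_conns <ip>[:<port>]
# Reads lsof -F pcn output on stdin and prints "<hits> <pid> <command>"
# for every process with a socket whose remote end matches (IPv4 only).
match_conns() {
    awk -v want="$1" '
        /^p/ { pid = substr($0, 2); cmd = "?"; next }
        /^c/ { cmd = substr($0, 2); next }
        /^n/ {
            arrow = index($0, "->")
            if (arrow == 0) next          # listening or unconnected socket
            remote = substr($0, arrow + 2)
            sub(/ .*/, "", remote)        # drop any trailing text
            host = remote
            sub(/:[^:]*$/, "", host)      # strip the :port suffix
            if (remote == want || host == want) hits[pid " " cmd]++
        }
        END { for (k in hits) print hits[k], k }
    ' | sort -rn
}

sample_lsof_output | match_conns 203.0.113.5
```

On a live system, pipe `lsof -nP -i -F pcn` into the function instead of the sample; a connection that lasts well under a second may take several polls to catch.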
