On 4 Feb 2005, Jose Maria Lopez wrote:
> El vie, 04 de 02 de 2005 a las 21:41, Mohammad Khan escribió:
> > Hello List,
> >
> > I am not sure about some packet was trying to go out from my router.
> > Is there a way to know, what application(s) is/are sending those
> > packets?
> >
> > Thanks
> > Mohammad
>
> Yes, it's very easy. Just use ethereal to capture the packets
> and identify the ports the application it's using to send the
> packets, then use lsof -i to see what application it's using
> that port.
>
> Regards.
>
>
In most cases it is easier then that. Knowing the ports that specific
apps use can be the first determiner or narrower for making a possible
answer pop up. Netstat on the server in qustion is another method, lsof
is not as common a tool on many vendor offerings still, and then if all
else is failing falling back upon traffic captures from the wire. Most
the time the level of paranoia of going to the most aggresive and
technically challenging mode is a 'ramp-up' kinda thing.
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
...Love is the ultimate outlaw. It just won't adhere to rules.
The most any of us can do is sign on as it's accomplice. Instead
of vowing to honor and obey, maybe we should swear to aid and abet.
That would mean that security is out of the question. The words
"make" and "stay" become inappropriate. My love for you has no
strings attached. I love you for free...
-Tom Robins <Still Life With Woodpecker>
