From: Pavic, Aleksander (Aleksander.Pavic@t-systems.com)
Date: Fri Nov 25 2005 - 08:14:42 EST
Hello list,
I need to identify a process which uses an ip4/tcp connection.
lsof is not an option.
I use the following line to do that:
for i in `ps -e | awk '{print $1}'`; do echo $i; pfiles $i | sed -n
'/port: 4100/p'; done
I don't get data from this line when I search for this port.
But netstat says that this connection is established:
bash-2.05# netstat -an | grep 4100
x.x.x.x.32858 x.x.x.x.4100 24820 0 24820 0 ESTABLISHED
And I know that this connection must work, because it is part if an
application that works without any problem.
It works for any other connection, but not for this one. Does anyone
know why?
This is unlikely a rootkit effect, because I can reproduce this behavior
on different physical separated machines.
regards,
Aleks
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:37:09 EDT