From: Siert Zijl (sgzijl@dds.nl)
Date: Sat Jan 25 2003 - 19:47:33 EST
On Wed, 22 Jan 2003, Siert Zijl wrote:
|On one of my machines a process is trying to sent data to a specific ip
|address.
|
|I found the port and ip address with snoop, but now I'm wondering how I
|am able to find the process sending the data to that specific IP.
First of all: many thanks to all the people responding to my question.
Almost everybody recommed lsof to trace the PID. In my case it would become:
# lsof -i tcp | grep port
or:
# lsof -i :port
I am familiar with lsof, but since the data was sent only four times a minute
(very quickly) and lsof is quiet slow on the appropriate machine, it still
didn't work out for me.
Robert Milkowski came with a very nice solution:
# ps -ef|awk '{print "pfiles "$2}'|bash >/tmp/pfile.out
Running that command in a while loop for several minutes finally helped me out:
# while true ; do ps -ef|awk '{print "pfiles "$2}'|bash >>/tmp/pfile.out ; done
Once again; many thanks for all the replies.
With kind regards, Siert Zijl
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:43 EDT