If a connection is established, then you can find the owner by comparing
the inode in /proc/net/tcp with the /proc/<PID> tree [all the numbered
folders]. In each of these there is a folder named fd which provides
symbolic links to the open file descriptors which that PID is using. a
quick ls -l will give you the information you need to resolve it to a
socket inode, you'll usually see socket:[32424] or something similar.
You then know which PID owns the conection. I have some python code
which resolves this all to program names if you want it?
Tom Eastep wrote: vwf wrote:How can I lock my workstation down on application level?tuxguardian.sf.net -Tom |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: will --cmd-owner ever return?, Tom Eastep |
|---|---|
| Next by Date: | Does iptables have any certificate?, Larry Yuma |
| Previous by Thread: | Re: will --cmd-owner ever return?, Tom Eastep |
| Next by Thread: | Re: will --cmd-owner ever return?, Jan Engelhardt |
| Indexes: | [Date] [Thread] [Top] [All Lists] |