diff options
Diffstat (limited to 'Examples/connections_example.txt')
-rw-r--r-- | Examples/connections_example.txt | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/Examples/connections_example.txt b/Examples/connections_example.txt new file mode 100644 index 000000000000..e39d063113a8 --- /dev/null +++ b/Examples/connections_example.txt @@ -0,0 +1,23 @@ +The following is an example of connections. As inbound TCP connections are +established their details are printed out. This includes the UID, PID and +CMD of the server process that is listening on that port, + + # connections + UID PID CMD TYPE PORT IP_SOURCE + 0 242 inetd tcp 79 192.168.1.1 + 0 359 sshd tcp 22 192.168.1.1 + 100 1532 Xorg tcp 6000 192.168.1.1 + ^C + + +In another window snoop was running for comparison, + + # snoop 'tcp[13:1] = 0x02' + Using device /dev/rtls0 (promiscuous mode) + mars -> jupiter FINGER C port=56760 + mars -> jupiter TCP D=22 S=56761 Syn Seq=3264782212 Len=0 ... + mars -> jupiter XWIN C port=56763 + +snoop can already tell me that these connections are happening - but does not +print out details of the server that accepted the connection. + |