|If you need to figure out what is coming in or going out of your server, there are a few useful commands for this.|
In this example, we're going to track connections that are using port 25.
On Linux (CentOS/Debian), you can use the netstat command:
netstat -np --protocol=inet | grep ESTABLISHED | grep :25or on FreeBSD:
sockstat -c -p 25 -P tcpBoth types should generate a PID number. The netstat command will provide the PID number on the far right, and sockstat is the 3rd column.
Once you know the PID number that is using the connection, you can then type:
ps aux | grep 1234where you'd replace 1234 with the PID number you got from the output. From there, you can try and track down the source.
Using the pid number to get into from /proc/1234 is also useful.
|Finding runtime information on a specific process ID|
© 2018 JBMC Software, Suite 173 3-11 Bellerose Drive, St Albert, AB T8N 1P7 Canada. Mon-Fri 9AM-5PM MST