[TriLUG] which process is listening on this socket
matt at noway2.thruhere.net
matt at noway2.thruhere.net
Wed Feb 29 16:41:35 EST 2012
It's a bad choice of options isn't. :P
The funny thing is that it is one of the commands you should use and look
at very carefully if you suspect being Pwn'd.
My full recommendation would be:
( /bin/ps acxfwwwe 2>&1; /usr/sbin/lsof -Pwln 2>&1; /bin/netstat -anpe
2>&1; ) > /path/to/data.txt
This will give you a complete process, socket, and connection list in one
file that you can examine and cross check.
>
>> Try lsof -Pwn
>
> Maybe it's just me, but I am afraid to try any command
> with a "Pwn" option.
>
>
>> Sent via BlackBerry
>
> Sent via my Raspberry Pi
>
>
> --
> # ɹÇʇɹoÔ€ uÉl∀
>
> --
> This message was sent to: Matt Flyer <matt at noway2.thruhere.net>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web :
> http://www.trilug.org/mailman/options/trilug/matt%40noway2.thruhere.net
> TriLUG FAQ :
> http://www.trilug.org/wiki/Frequently_Asked_Questions
More information about the TriLUG
mailing list