Find the answer to your Linux question:
Results 1 to 4 of 4
I want to log any process and PID perform open a port from Server. How can i do ? Thanks....
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2013
    Posts
    2

    Log any process and PID perform open a port from Server ?


    I want to log any process and PID perform open a port from Server. How can i do ?

    Thanks.

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    hello and welcome, itop!

    could you be a little more specific about what you want to log? Do you mean that you have network services running (e.g., ftp, http, sendmail, etc.) and you want to track when incoming connections (over TCP or UDP ports) are made to them?

  3. #3
    Just Joined!
    Join Date
    Aug 2013
    Posts
    2
    I want log it to log files, examples to know 1 backdoor script perform open a port, Thanks.

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined! kerim's Avatar
    Join Date
    May 2010
    Location
    Istanbul
    Posts
    15

    Logging network services or service from commandline

    For a simple analyze, you can use tcpdump program.For content based analyze, you can use tshark.These are command line tools, you can log all these captures from commandline, then write them a file.At the sametime you can write format of pcap log files with these programs which can analyze with detailed log.

    If you use pcap based log, you can use a lot of kind of analyze programs

    Links:
    Examining and Dissecting: tcpdump/libpcap Traces | Matthias Vallentin: matthias.vallentin.net/blog/2007/01/examinig-and-dissecting-tcpdump-libpcap-traces/

    tcpdump usage tutorials:
    TCPDUMP - The Easy Tutorial: openmaniak.com/tcpdump.php
    A Tcpdump Tutorial and Primer | Daniel Miessler: danielmiessler.com/study/tcpdump

    Thats all

    Write a script or run your command, this is your selection

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •