Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Log any process and PID perform open a port from Server ?

    I want to log any process and PID perform open a port from Server. How can i do ?


  2. #2
    hello and welcome, itop!

    could you be a little more specific about what you want to log? Do you mean that you have network services running (e.g., ftp, http, sendmail, etc.) and you want to track when incoming connections (over TCP or UDP ports) are made to them?

  3. #3
    I want log it to log files, examples to know 1 backdoor script perform open a port, Thanks.

  4. $spacer_open
  5. #4
    Just Joined! kerim's Avatar
    Join Date
    May 2010

    Logging network services or service from commandline

    For a simple analyze, you can use tcpdump program.For content based analyze, you can use tshark.These are command line tools, you can log all these captures from commandline, then write them a file.At the sametime you can write format of pcap log files with these programs which can analyze with detailed log.

    If you use pcap based log, you can use a lot of kind of analyze programs

    Examining and Dissecting: tcpdump/libpcap Traces | Matthias Vallentin:

    tcpdump usage tutorials:
    TCPDUMP - The Easy Tutorial:
    A Tcpdump Tutorial and Primer | Daniel Miessler:

    Thats all

    Write a script or run your command, this is your selection

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts