RE: How to find a process

["M. Waseem Sindhu" <wsindhu () inspediumcorp com>]

Hello Fran,

Try "netstat -b" or "netstat -n -b"

Second option is faster as it will show you just IP addresses without
resolving them to host names.

Hope it'll help.

Regards,

Muhammad Waseem Sindhu
Software Engineer, Technical Support
Inspedium Corp. (SMC Private) Ltd.
407 Light House Centre, M. A. Jinnah Road
74200 - Karachi



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Francisco Rodrigo Cortinas Maseda
Sent: Wednesday, 13 June, 2007 14:32
To: security-basics () securityfocus com
Subject: How to find a process

Hello,

my name is Fran, im a network and system administrator, and i have a
strange case, but sure somenone have had the same problem before me.

My problem is that we have some strange traffic on the firewalls, going
from a server on a DMZ to public client pools.

10:09:10.511978 00:0e:0c:71:7f:cd > 10:00:00:00:26:01, ethertype IPv4
(0x0800), length 61: IP XXXXX.44267 > XXXXXX.3072: UDP, length 19

The problem is: with netstat i only see the ports daemons are listening
on. I want to know the process that is using the outgoing port, that is,
44267.

Is there a way to know this?

Thanks in advance.
Regards.