How to detect what process is making a connection?

Furmanek, Greg Greg.Furmanek@hit.cendant.com
Wed, 8 Mar 2000 11:33:58 -0500


Check which ports the ICQ and the IRC work and then deny any 
outgoing packets to those ports.

Even if the modem dials you still will not allow for ICR or ICQ.

The Wolf

-----Original Message-----
From: Shawn T. Rutledge [mailto:rutledge@cx47646-a.phnx1.az.home.com]
Sent: Tuesday, March 07, 2000 11:22 PM
To: plug-discuss@lists.PLUG.phoenix.az.us
Subject: How to detect what process is making a connection?


I got my dad using a linux gateway to ppp into my system for internet
access.
Well it's dialing out a lot, even when his other computers are turned off.
So I'm wondering how I can log all outgoing packets, or maybe better log
any outgoing packet which causes the ppp connection to become necessary.
(I'm using the new demand dialing feature built into pppd)  Any ideas how
to do that?

Then after I figure out what is doing it, it would be cool to put in a 
sort of restrictive filter so that only certain types of packets can cause 
the ppp connection to become active (like, maybe only packets whose 
destination is port 80... that should eliminate things like ICQ or AIM that 
might be just keeping the connection alive for the heck of it.  To them it
will look like the connection is down.) 

-- 
  _______                                     http://www.bigfoot.com/~ecloud
 (_  | |_)  ecloud@bigfoot.com   finger rutledge@cx47646-a.phnx1.az.home.com
 __) | | \__________________________________________________________________
 Get money for spare CPU cycles at http://www.ProcessTree.com/?sponsor=5903

_______________________________________________
Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss