How to determine outgoing connections on Windows and Linux?

Toggle sidebar Toggle sidebar
U

ugh

Platinum Member
Feb 6, 2000
2,563
0
0
Hi folks,

Are there any applications or commands in either of the operation systems to list down the outgoing connections from a PC from all the running apps?

Thanks.
 
W

WannaFly

Platinum Member
Jan 14, 2003
2,811
1
0
well, if you want to know what app it is you need a software based firewall, kerio is free.
 
Nothinman

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
You can use the -p switch to netstat on Linux to have it also display the pid/program that owns the connection.
 
C

CTho9305

Elite Member
Jul 26, 2000
9,214
1
81
Originally posted by: Nothinman
You can use the -p switch to netstat on Linux to have it also display the pid/program that owns the connection.
Click to expand...

foundstone's fport will be useful for windows.
 
Nothinman

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
foundstone's fport will be useful for windows.
Click to expand...

Or you can just use the -o switch (or is it /o?) to netstat if you have XP. But since so many things are just threads to svchost it becomes a big PITA to determine what is really listening on certain ports.
 
C

CTho9305

Elite Member
Jul 26, 2000
9,214
1
81
Originally posted by: Nothinman
foundstone's fport will be useful for windows.
Click to expand...

Or you can just use the -o switch (or is it /o?) to netstat if you have XP. But since so many things are just threads to svchost it becomes a big PITA to determine what is really listening on certain ports.
Click to expand...

interesting. Never knew that. fport gives you exe names though, which is a little more convenient.
 
U

ugh

Platinum Member
Feb 6, 2000
2,563
0
0
Thanks for the info folks. One thing though, netstat only provides the addresses but not the entire full path/URL to where an application connects to. Anywhere to find that out?
 
Nothinman

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
You can't find that out, that's part of the transaction that the kernel doesn't watch (well technically you could probably use a iptables module or something to do that, but noone does that I know of).
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: ugh
Thanks for the info folks. One thing though, netstat only provides the addresses but not the entire full path/URL to where an application connects to. Anywhere to find that out?
Click to expand...

tcpdump/windump might give you more information then.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom