detecting which process sends out UDP traffic

 
 
uzon

 
      09-05-2004, 03:22 AM
Hi,
I noticed that my system sends out a DNS request every couple of
seconds. How can I find out which process is doing this?
I ran "lsof -(E-Mail Removed)" which is supposed to show the process
which has an open socket to the DNS server's IP, but it didn't show
anything.
Also netstat didn't show any sockets.
Any way to do this?
Thanks in advance,
-Aaron
 
 
 
 
 
Ian Northeast

 
      09-05-2004, 12:34 PM
On Sat, 04 Sep 2004 20:22:07 -0700, uzon wrote:

> Hi,
> I noticed that my system sends out a DNS request every couple of seconds.
> How can I find out which process is doing this? I ran "lsof
> -(E-Mail Removed)" which is supposed to show the process which has an open
> socket to the DNS server's IP, but it didn't show anything.
> Also netstat didn't show any sockets. Any way to do this?
> Thanks in advance,


The only way I know how to do this is to arrange somehow for the query not
to be answered. If it's querying your own nameservers you can shut them
down, or you can put in temporary firewall rules to prevent the query
going out or the response coming back. Then the socket will stay open long
enough to catch it with lsof.

Regards, Ian

 
 
Michael Heiming

 
      09-05-2004, 12:53 PM

In comp.os.linux.networking uzon <(E-Mail Removed)> suggested:
> Hi,
> I noticed that my system sends out a DNS request every couple of
> seconds. How can I find out which process is doing this?
> I ran "lsof -(E-Mail Removed)" which is supposed to show the process
> which has an open socket to the DNS server's IP, but it didn't show
> anything.


lsof -i UDP:53

Should show anything using port 53/UDP; perhaps you can work it
out from there. Run it in a loop for a few minutes, just keep an
eye on your logfile size. 'tcpdump' should be helpful in addition.

--
Michael Heiming (GPG-Key ID: 0xEDD27B94)
mail: echo (E-Mail Removed) | perl -pe 'y/a-z/n-za-m/'
 
 
uzon

 
      09-10-2004, 03:57 AM
Worked like a charm.
Thanks
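
The polling approach suggested in this thread can also be done directly against /proc, shown here as an added example that is not part of the original posts: find UDP sockets whose remote port is 53 in the /proc/net/udp table, then map each socket inode to the PIDs holding it. The function names and the sample table are constructed for illustration; the sketch assumes IPv4 only and a client that connect()s its UDP socket to the resolver.

```python
import glob, os, time

# Constructed sample in /proc/net/udp format (not captured from a real host).
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 11111 2 0000000000000000 0
  202: 0A00000A:C350 0100A8C0:0035 01 00000000:00000000 00:00000000 00000000  1000        0 22222 2 0000000000000000 0
  303: 0A00000A:D431 0100A8C0:007B 01 00000000:00000000 00:00000000 00000000   123        0 33333 2 0000000000000000 0
"""

def decode_addr(hexaddr):
    """'0100A8C0:0035' -> ('192.168.0.1', 53); the IPv4 part is little-endian hex."""
    ip_hex, port_hex = hexaddr.split(":")
    octets = [str(int(ip_hex[i:i + 2], 16)) for i in (6, 4, 2, 0)]
    return ".".join(octets), int(port_hex, 16)

def dns_client_sockets(table_text, port=53):
    """Return [(inode, local, remote)] for sockets whose remote port is `port`.
    A socket used with sendto() and no connect() shows remote 00000000:0000 and is missed."""
    hits = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) >= 10 and decode_addr(f[2])[1] == port:
            hits.append((f[9], decode_addr(f[1]), decode_addr(f[2])))
    return hits

def pids_for_inode(inode, proc="/proc"):
    """PIDs with an fd linked to socket:[inode]; run as root to see other users' processes."""
    owners = set()
    for fd in glob.glob(os.path.join(proc, "[0-9]*", "fd", "*")):
        try:
            if os.readlink(fd) == f"socket:[{inode}]":
                owners.add(int(fd.split(os.sep)[-3]))
        except OSError:
            continue  # the process or fd vanished between glob and readlink
    return sorted(owners)

if __name__ == "__main__":  # live use: poll the real table until interrupted
    seen = set()
    while True:
        with open("/proc/net/udp") as fh:
            hits = dns_client_sockets(fh.read())
        for inode, local, remote in hits:
            for pid in pids_for_inode(inode):
                if (pid, remote) not in seen:
                    seen.add((pid, remote))
                    print(f"pid {pid} local {local} -> DNS server {remote}")
        time.sleep(0.05)  # resolver sockets are short-lived, so poll often
```

Because a resolver socket usually closes as soon as the answer arrives, the poll can still miss it; holding the query unanswered, as suggested earlier in the thread, keeps the socket open long enough to be caught.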
 