On 0, Jean Christophe ANDR? <jean-christophe.andre@auf.org> wrote: [snip] > You may do something like that (needs apt-get install netcat) : > > - create a little script /root/spy.sh (just use netstat) : > #!/bin/sh > ( > echo "=====" > date > netstat -lnp > ) >> /root/spy.txt > # yes, I know, there is no lock managment, but hey! just for testing! :) > - lauch a netcat in a terminal (or screen) : > nc -l -p 111 -e /root/spy.sh # for TCP connection > nc -l -p 111 -u -e /root/spy.sh # for UDP connection > - open the 111 access : > iptables -I INPUT -i lo -p tcp --dport 111 -j ACCEPT > iptables -I INPUT -i lo -p udp --dport 111 -j ACCEPT > - then wait and check the /root/spy.txt : > tail -f /root/spy.txt > > There is some other (better) way of doing this (by programming), > but this one is the easier I can think by know... :) What the.... What's wrong with 'lsof -i :111' and 'lsof -i :16001'? It tells you precisely what's attempting to connect... Tom -- Tom Cook Information Technology Services, The University of Adelaide Do not meddle in the affairs of dragons, for you are crunchy, and taste good with ketchup. Get my GPG public key: https://pinky.its.adelaide.edu.au/~tkcook/tom.cook-at-adelaide.edu.au
Attachment:
pgpRrlVZX1wmf.pgp
Description: PGP signature