Deciphering the output from tcpflow?
To discover the identity of the process sending unknown traffic on eth0, it
was suggested that I run tcpflow. The result and another question follows:
root@debian-rtg:/home/tilleyrw/tcpflow-dumps# ls -S
065.032.005.052.00110-192.168.001.103.33847
065.032.005.052.00110-192.168.001.103.33846
192.168.001.103.33846-065.032.005.052.00110
192.168.001.103.33847-065.032.005.052.00110
Now that I know the specifics of From and To about the traffic, how does that
help me in terms of identifying the offending process IDs?
--
Let not the sands of time get in your lunch.
Reply to: