Linux Today: Linux News On Internet Time.

More on LinuxToday

lsof, sockets and trojans

Apr 30, 2009, 16:53 (0 Talkback[s])
(Other stories by Juliet Kemp)

"You'll quite often see two reports from a single command, one for TCP and one for UDP. The PID and user is shown for each IP socket, so if you see something suspicious, you can investigate further (e.g., with ps -l 5763 to get more information on the mysql process here, or by looking at /proc/5763/)"

Complete Story

Related Stories: