programs making outbound connections
So, I'm wondering how I can tell if programs are making outbound connections, and if so, where the connections are going to.
It's a poor comparison, but in windows, everytime a connection is attempted, zonealarm firewall told me "such-and-such is trying to reach <ip>, allow or disallow?". I liked that feature; I felt in control.
I know I have programs that are accessing the net without my direct intervention (ex: popularity-contest, sshd (when it initates a connection), non-free binary only programs, etc), so how can I monitor which ones connected when?
PS I know I can monitor sshd via auth.log.