LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-14-2006, 09:10 PM   #1
rickh
Senior Member
 
Registered: May 2004
Location: Albuquerque, NM USA
Distribution: Debian-Lenny/Sid 32/64 Desktop: Generic AMD64-EVGA 680i Laptop: Generic Intel SIS-AC97
Posts: 4,250

Rep: Reputation: 60
How can I get info re. current active connections?


I had trouble figuring out the NAT firewall on my router when I first got it. Finally gave up, and put my PC in the DMZ, and used a software firewall (Firestarter). Eventually decided it wouldn't allow me to do some packet filtering I wanted. In the process of replacing it, I discovered how to use the NAT firewall, and now have it doing everything I want ... except one thing.

In Firestarter, I could view information about each currently active connection ... Servers I was accessing, Users on my FTP server, My mail connection, HTTP connections via a browser, etc. Info consisted of the remote IP address, port connection, and service. If my NAT firewall provides that info, I haven't been able to find it.

Is there a netstat flag, or some other method of displaying this info?
 
Old 01-14-2006, 09:33 PM   #2
Notwerk
Member
 
Registered: Apr 2005
Location: Jordan
Distribution: Debian (Sarge), Ubuntu (6.06)
Posts: 271

Rep: Reputation: 30
There's a couplt of things you'll probably enjoy:
1) iptstate
2) netstat
3) iptraf

The first two are commands so you should man them. The last is a simple program with a simple interface but is very helpful for monitoring connections in real-time.
 
Old 01-14-2006, 10:16 PM   #3
rickh
Senior Member
 
Registered: May 2004
Location: Albuquerque, NM USA
Distribution: Debian-Lenny/Sid 32/64 Desktop: Generic AMD64-EVGA 680i Laptop: Generic Intel SIS-AC97
Posts: 4,250

Original Poster
Rep: Reputation: 60
Ooh! iptraf does exactly what I want without any setup whatsoever. Plus it looks like it'll do lots more after I read the instructions.
 
Old 01-15-2006, 12:53 AM   #4
Notwerk
Member
 
Registered: Apr 2005
Location: Jordan
Distribution: Debian (Sarge), Ubuntu (6.06)
Posts: 271

Rep: Reputation: 30
I know.... I LOVE it Best part is: It works over ssh.

Glad this info was of help.
 
Old 01-16-2006, 09:18 AM   #5
GL1800
Member
 
Registered: Jun 2005
Location: Lilburn, Ga
Distribution: FC5
Posts: 175

Rep: Reputation: 30
I often use netstat -an --inet for this. Or, just netstat -A inet. Another helpful one is netstat -pultw which lists all connections both tcp and udp.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ftp confusion/want active connections servnov Linux - General 2 09-26-2004 02:48 PM
Active network connections crabboy AIX 1 08-04-2004 04:14 PM
iptables, nmap and active ftp connections Bug Linux - Security 3 06-14-2004 02:14 PM
GUI for active connections twistedpair Linux - Networking 3 03-30-2004 04:22 PM
Killing Active Connections Crashed_Again Linux - General 5 05-17-2003 02:48 AM


All times are GMT -5. The time now is 10:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration