Is there a way to track down what process is sending to a certain port? I have some thing pounding the network with requests to a multicast IP that doesn't exist. I have shut down all comms related processes and yet it is still there. Need a way to track the port or IP back to the process. Thanks in advance.
use "netstat" + "lsof" if they are present on your flavor of unix.
That would only tell you if a UDP port was "connected" to the remote port....?
Did I got the question wrong ?
lsof | grep gaim
gaim 30514 sysgate 18u IPv4 97106 TCP sysgate.company.com:59973->205.188.8.226:aol (ESTABLISHED)
gaim 30514 sysgate 20u IPv4 97116 TCP sysgate.company.com:35286->64.12.30.76:aol (ESTABLISHED)