linux poison RSS
linux poison Email

How to list Open Files and Network Connections

Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It can also list communications open by each process.

One evident advantage this capability is security. For example, if a spyware or other malware program was sending information from your computer to the Internet or to a file on your hard disk, it would show up in the output of these commands.

lsof – list open files
This simple command often ran with no arguments, and does just what it says: lists every single open file by every program running at the time. The output of lsof typically looks like this:

In this case the output is too large, so the better way to redirect the output to some file for further analysis, use this command to redirect the output: lsof > output.txt and or filter it using various pipe commands.
Another example, if one wants to see if the special file (application) firefox is open by any processes, we run the following command: lsof | grep /usr/lib/firefox/firefox

list open network sockets (connections)
In addition to listing open files, lsof can list open network sockets (connections) when given the -i switch.

If you observe the output you can see the list of open connections made by different process/application to/from you local box


Post a Comment

Related Posts with Thumbnails