6

After installing Conky and listing all my inbound and outbound connections I start to wonder what's actually happening and what and why things are happening.

screenshot

I'm getting a bit suspicious. How can I know which process is accessing which of these addresses?

dobey
  • 40,344
  • 5
  • 56
  • 98
Qohelet
  • 669
  • 2
  • 7
  • 21
  • Wireshark is a better graphical tool for this sort of information then Conky. – Panther May 08 '15 at 17:05
  • @bodhi.zazen - would be nice if you could share a page with know-how related to my question (configuration especially). Wireshark is a huge tool which can do much more than only "sort information". And I use conky mostly for different purposes. In that case it was just a cool feature – Qohelet May 08 '15 at 17:14
  • What sort of information do you want ? How to wireshark ? How to interpret network traffic ? How to configure conky ? How to lsof ? netstat ? – Panther May 08 '15 at 17:18
  • `netstat -nputw` – A.B. May 08 '15 at 17:29
  • @bodhi.zazen: To configure wireshark so it solves my problem – Qohelet May 11 '15 at 06:23

3 Answers3

4

If you only want to see those connection that arouse your suspicion you can really use lsof.

sudo lsof -i | egrep -i "cloudfront|poneytelecom|dark"

lsof -i restricts the output to internet connections.
Use egrep (instead of grep) to be able to supply alternatives in the search string (separated by |), -i tells egrep to ignore case (DARK vs. dark).

If you have IP-addresses instead of hostnames use

sudo lsof -ni | egrep -i "10\.0\.8|193\.170"
guntbert
  • 12,914
  • 37
  • 45
  • 86
1

You can run lsof -n|grep TCP to know which programs are connecting to which IPs.

dobey
  • 40,344
  • 5
  • 56
  • 98
1

My favorite tool dealing with processes and network usage is nethogs (install it with sudo apt-get install nethogs).

This tool displays every process and the bandwidth it consumes, it doesn't show the IP-addresses where the processes are connecting though. You may have to start it with the interface name, e.g. sudo nethogs wlan0.

enter image description here

guntbert
  • 12,914
  • 37
  • 45
  • 86
  • Even thought it doesn't answer my question to which host the program is connecting I find this answer really useful. I would give it an upvote if I could... – Qohelet May 11 '15 at 06:23