1 1.1 christos The following is a demonstration of the tcpsnoop script. 2 1.1 christos 3 1.1 christos 4 1.1 christos 5 1.1 christos Here we run tcpsnoop and wait for new TCP connections to be established, 6 1.1 christos 7 1.1 christos # tcpsnoop.d 8 1.1 christos UID PID LADDR LPORT DR RADDR RPORT SIZE CMD 9 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 54 finger 10 1.1 christos 100 20892 192.168.1.5 36398 <- 192.168.1.1 79 66 finger 11 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 54 finger 12 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 56 finger 13 1.1 christos 100 20892 192.168.1.5 36398 <- 192.168.1.1 79 54 finger 14 1.1 christos 100 20892 192.168.1.5 36398 <- 192.168.1.1 79 606 finger 15 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 54 finger 16 1.1 christos 100 20892 192.168.1.5 36398 <- 192.168.1.1 79 54 finger 17 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 54 finger 18 1.1 christos 100 20892 192.168.1.5 36398 -> 192.168.1.1 79 54 finger 19 1.1 christos 100 20892 192.168.1.5 36398 <- 192.168.1.1 79 54 finger 20 1.1 christos 0 242 192.168.1.5 23 <- 192.168.1.1 54224 54 inetd 21 1.1 christos 0 242 192.168.1.5 23 -> 192.168.1.1 54224 54 inetd 22 1.1 christos 0 242 192.168.1.5 23 <- 192.168.1.1 54224 54 inetd 23 1.1 christos 0 242 192.168.1.5 23 <- 192.168.1.1 54224 78 inetd 24 1.1 christos 0 242 192.168.1.5 23 -> 192.168.1.1 54224 54 inetd 25 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 57 in.telnetd 26 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 54 in.telnetd 27 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 78 in.telnetd 28 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 57 in.telnetd 29 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 54 in.telnetd 30 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 54 in.telnetd 31 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 60 in.telnetd 32 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 63 in.telnetd 33 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 54 in.telnetd 34 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 60 in.telnetd 35 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 60 in.telnetd 36 1.1 christos 0 20893 192.168.1.5 23 <- 192.168.1.1 54224 60 in.telnetd 37 1.1 christos 0 20893 192.168.1.5 23 -> 192.168.1.1 54224 72 in.telnetd 38 1.1 christos [...] 39 1.1 christos 40 1.1 christos As new connections are made, each of the TCP packets are traced along with 41 1.1 christos the UID, PID and command name. 42
Indexes created Sat Apr 25 00:22:52 UTC 2026