How to determine which process sends UDP packets periodically to an IP address?

linux networking udp
7,556

Check tcpdump for the source port number of the packets. Then run

sudo netstat -a -u -n --program

Look for the PID/Program name matching the source port number.

This assumes that the sending process is leaving its socket open between sends, which is what any normal program would do. If you are dealing a program that is deliberately trying to hide itself, that's whole different story.

Share:
7,556

Related videos on Youtube

Alex
Author by

Alex

Updated on September 18, 2022

Comments

  • Alex
    Alex over 1 year

    I tried looping with netstat and but the packets are small and not frequent so do not get caught (can still see them with tcpdump). Need to know which process sends those packets.

    • Cougar
      Cougar about 12 years
      Have you tired iptables --log-uid option?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

When will a connected UDP socket be closed by the OS?
Are UDP Packets dropped when UDP header checksum is incorrect?
Do I need a PORT when joining a multicast group or just the IP?
Does /proc/net/udp count all drops that occur between ethernet plug and my app?
Why some iptables DNAT rules don't work until reboot?
How to list all requests to udp sockets?
Testing UDP port connectivity
Sockets found by lsof but not by netstat
how to get statistics of received packets on a specific udp port
TCP buffers keep filling up (Recv-Q full): named unresponsive