[Novalug] Finding PID That Is Querying DNS
Bernie Hoefer
LUG-Member at TheMoreIKnow.info
Wed Oct 3 12:29:06 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kevin Dwyer wrote:
===
> Ah, in that case the kernel is most likely responsible. netstat run as
> root will not show a PID for connections made by the kernel. (This is
> easy to notice when you mount an NFS drive, for instance.)
>
> Now, I don't know which module exactly would do this or the best way to
> track it down, but this should at least narrow your search.
===
Hmmm. That's a good suggestion that the traffic might be coming from
the kernel, itself. I'll have to research that. Thanks!
- --
Bernie Hoefer
PGP e-mail is welcome! Get my 1024 bit signature key from:
<http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x446A6F93>.
"The more I know, the more I realize how much I do not understand."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFHA8NLckGmqURqb5MRAgdEAJ9nyS16UuZp9eVJsE0mHffmk82W0wCgksWo
M2qgSUoTat4YGFeU5CCN7Hc=
=+qkr
-----END PGP SIGNATURE-----
More information about the Novalug
mailing list