Score:1

Log process for outgoing connections

cn flag

Is there an easy way to set up logging of all outgoing connections to certain ports, for example? Trying to figure out which programs/processes causes certain outbound connections.

Server is already using UFW, and logging these connections, but there is no indication of "who" is causing them.

lsof and ss does not seem to be able to listen continuously like this?

guiverc avatar
cn flag
[Ubuntu 16.04 LTS has reached the end of it's *standard* support life](https://fridge.ubuntu.com/2021/03/13/extended-security-maintenance-for-ubuntu-16-04-xenial-xerus-begins-april-30-2021/) thus is now off-topic here unless your question is specific to helping you move to a supported release of Ubuntu. Ubuntu 16.04 ESM support is available, but not on-topic here, see https://askubuntu.com/help/on-topic See also https://ubuntu.com/blog/ubuntu-16-04-lts-transitions-to-extended-security-maintenance-esm
cn flag
The question is general, and also applicable for later Ubuntu versions hosted by us. Therefore I have removed the 16.04 tag.
ru flag
Did you find a solution to this?
cn flag
@cherouvim not really. But set up some firewall rules that log certain connections. And captured some packets over a long time, and checked in Wireshark. That's the closest I really got.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.