Hi!
With netstat -tnp I can see currently active internet connections together with with processes.
For example here I can see that connection to 34.107.243.93 was made by firefox:
Code:
tcp 0 0 192.168.1.125:55822 34.107.243.93:443 ESTABLISHED 2699/firefox-esr
Is there any tool that can get process like netstat but that can log all connections instead of displaying them and that doesn't depend on timing? By timing I mean that netstat for example even in continuous mode just keeps reading /proc/net/tcp* every second which means that if program finishes communication with less than second, it has chance of not showing up in that list.
It seems kinda strange that for Windows even free tools such as Process Monitor can show connections per process in live and now in Linux there seem none - I mean plenty of programs that can log connections like Sniffet or Ntopng or iptables but none of them can associate connection with process. And it's hard to believe that netstat is the only tool that can associate connections with programs that made them. So I decided to come here to see what others know.