network bash lsof - ghdrako/doc

https://man7.org/linux/man-pages/man8/lsof.8.html

lsof - lists open files (kernel-level functionality), but it's also capable of determining which processes are using those opened files. Keep in mind that, in Unix operating systems, almost everything is a file, which also includes objects such as network sockets. As such, lsof is often used when dealing with security aspects of our Linux systems, as it obviously gives many more technical details when compared to netstat.

Show process that use internet connection at the moment

lsof -P -i -n

Show process that use specific port number

lsof -i tcp:443

Lists all listening ports together with the PID of the associated process

lsof -Pan -i tcp -i udp

List all open ports and their owning executables

lsof -i -P | grep -i "listen"

Show all open ports

lsof -Pnl -i

Show open ports (LISTEN)

lsof -Pni4 | grep LISTEN | column -t

List all files opened by a particular command

lsof -c "process"

View user activity per directory

lsof -u username -a +D /etc

Show 10 largest open files

lsof / | \
awk '{ if($7 > 1048576) print $7/1048576 "MB" " " $9 " " $1 }' | \
sort -n -u | tail | column -t

Show current working directory of a process

lsof -p <PID> | grep cwd

network bash lsof - ghdrako/doc_snipets GitHub Wiki

⚠️ GitHub.com Fallback ⚠️

network bash lsof - ghdrako/doc_snipets GitHub Wiki

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️