• 1
Its nice to see the caption "systemtap" In 2006 I had worked a little bit on that. May be hardly a week or 5 days on that, before joining my current firm. Nostalgia :)

Great SystemTap script!

This only works for local applications, though. This won't show incoming connections from other systems on the network. To see those connections, it will have to probe syscall.listen and syscall.accept, although it's probably easier to just use an iptables rule to log traffic on that port. Something like
iptables -I INPUT 1 -p tcp -m tcp --dport 23 -j LOG

Re: client side only

Yes, this was specifically for the client program, since if it is the server, I can easily find out with lsof/netstat since it will remain up to listen on the socket. The client is much more volatile. The intent was to find out which program was coming up repeatedly to access the telnet port. There is no way of knowing that.

  • 1

Log in