Friday, August 29, 2008

How to know what an unfamiliar process is doing?

Solution:

To attach to a running process and trace its system calls:

strace -p <pid>
(attach to the process with that pid and display every system call it makes and every signal it receives)

strace -c ls >/dev/null
(run a command under strace and print a summary table counting the system calls it made)


To trace only the network-related system calls (plus read and write on the descriptors they return):

strace -e trace=network,read,write,...
(the -e trace= list takes individual syscall names or a syscall class such as network, file, process)

Example:

strace -e trace=network,read,write ping 192.168.40.7

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@!\0\000"..., 512) = 512
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260e\1"..., 512) = 512
socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = -1 EPERM (Operation not permitted)
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("192.168.40.7")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(38430), sin_addr=inet_addr("192.168.40.230")}, [16]) = 0
write(3, "ping: icmp open socket: Operatio"..., 48ping: icmp open socket: Operation not permitted
) = 48
Process 7953 detached
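Reading a long trace by eye does not scale, so here is an added example (not part of the original post) that parses strace output of the form shown above into a per-syscall count, the calls that failed with an errno, and the remote endpoints passed to connect()/sendto(). The sample trace is constructed from the ping output above, with the interleaved stderr text removed from the write() line; on this sample it reports the raw ICMP socket refused with EPERM and the UDP connect to 192.168.40.7:1025 that ping uses only to learn its own source address.

```python
import re
from collections import Counter

# Constructed sample, reproducing the ping trace from the post.
SAMPLE_TRACE = r'''
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@!\0\000"..., 512) = 512
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260e\1"..., 512) = 512
socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = -1 EPERM (Operation not permitted)
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("192.168.40.7")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(38430), sin_addr=inet_addr("192.168.40.230")}, [16]) = 0
write(3, "ping: icmp open socket: Operatio"..., 48) = 48
Process 7953 detached
'''

# One strace line: name(args) = retval [ERRNO (description)]
LINE_RE = re.compile(
    r'^(?P<name>[a-z_0-9]+)\((?P<args>.*)\)\s*=\s*'
    r'(?P<ret>-?\d+|0x[0-9a-fA-F]+|\?)'
    r'(?:\s+(?P<errno>E[A-Z]+)\s*\(.*\))?\s*$'
)
# sockaddr_in as strace prints it inside connect()/sendto() arguments
ENDPOINT_RE = re.compile(
    r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([\d.]+)"\)'
)


def parse_line(line):
    """Return (name, args, ret, errno) for a syscall line, None otherwise."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # e.g. "Process 7953 detached"
    return m.group('name'), m.group('args'), m.group('ret'), m.group('errno')


def summarize(trace):
    """Count syscalls, collect failures and remote endpoints from a trace."""
    counts, failed, endpoints = Counter(), [], []
    for line in trace.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        name, args, ret, errno = parsed
        counts[name] += 1
        if errno:  # a negative return with an errno means the call failed
            failed.append((name, errno))
        if name in ('connect', 'sendto'):
            ep = ENDPOINT_RE.search(args)
            if ep:
                endpoints.append((ep.group(2), int(ep.group(1))))
    return {'counts': dict(counts), 'failed': failed, 'endpoints': endpoints}
```

Feed it a file captured with `strace -o trace.txt -e trace=network,read,write <cmd>` to get the same report for any process you are inspecting.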
