1. FUSER
Kill all processes using port 80
fuser -k -n tcp 80
Kill all processes using this path pr file in any way
fuser -k -n file -m /home
2. LSOF
List processes using specific sockets
lsof -i #all the TCP/UDP connections
lsof -i tcp #all the TCP connections
lsof -i udp #all the UDP connections
lsof -i tcp:80 #TCP connections on port 80
lsof -i @56.85.68.98 #Connection between my host and 56.85.68.98
List all files opened by a process
lsof -p 1456
List of all network connections and all files opened by a processs
lsof -i -p 1234
List of all network connections used by a specific process
#-a acts like an AND operator
lsof -i -a -p 1234
List of all files opened by user toto or 500 or by process 1234 or by process 12345
lsof -p 1234,12345 -u 500,toto
3. NETSTAT
There’s a few parameters to netstat that are useful for this :
- -l or –listening : Shows only the sockets currently listening for incoming connection.
- -a or –all : Shows all sockets currently in use.
- -t or –tcp : Shows the tcp sockets.
- -u or –udp : Shows the udp sockets.
- -n or –numeric : Shows the hosts and ports as numbers, instead of resolving in dns and looking in /etc/services.
- -p or –program : Shows the PID and name of the program to which each socket belongs
You use a mix of these to get what you want. To know which port numbers are currently in use, use one of these:
netstat -atn # For tcp
netstat -aun # For udp
netstat -atun # For both
netstat -nlapute | grep LISTEN | grep 11000
4. pldd & ldd : List dependencies/libraries used by a process
#using the executable
ldd /bin/ls
#using the PID
lsof -p PID
#can also look at /proc/$PID/maps
pldd pid
##example
# Write all dependencies into a file
lsof -p 20346 >> temp.txt && lsof -p 20328 >> temp.txt && lsof -p 20330 >> temp.txt
# grep the specific library you're looking for and deduplicate them
cat ./temp.txt | grep mqm | awk -F " " '{ print $9 }' | sort -u