[root@localhost ~]# netstat -ntp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.56.110:22 192.168.56.1:55287 ESTABLISHED 1344/sshd: root@pts tcp 0 0 192.168.56.110:22 192.168.56.1:55589 ESTABLISHED 4791/sshd: root@pts
然后,在实施hack之后,进程所属的tcp连接被交换了:
[root@localhost ~]# netstat -ntp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.56.110:22 192.168.56.1:55287 ESTABLISHED 4791/sshd: root@pts tcp 0 0 192.168.56.110:22 192.168.56.1:55589 ESTABLISHED 1344/sshd: root@pts
[root@localhost ~]# netstat -ntp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 192.168.56.110:22 192.168.56.1:55287 ESTABLISHED 4791/sshd: root@pts tcp 0 0 192.168.56.110:22 192.168.56.1:55589 ESTABLISHED 1344/sshd: root@pts