jdevoo/scan.sh

## scan.sh
#!/bin/bash

if [ "$1" = "" ]; then
  process="firefox"
else
  process="$1"
fi

echo "Scanning for connections established by '$process'. Press CTRL-C to exit."

while true; do
  for pid in `ps ax | grep $process | awk {'print $1'}`; do
    for addr in `sudo netstat --program --ip -n | grep $pid | awk '{split($5,a,":"); print a[1];}'`; do
      origin=`whois $addr | grep -i origin | tail -1`
      if [ "$origin" = "" ]; then origin="AS?"; fi
      descr1=`whois $addr | grep -i descr | head -1`
      if [ "$descr1" = "" ]; then
        descr1=`whois $addr | grep -i OrgName | tail -1`
        if [ "$descr1" = "" ]; then descr1="?"; fi
        descr2=""
      else
        descr2=`whois $addr | grep -i descr | tail -1`
      fi
      echo -n "${addr}: "
      echo -n "${descr1#*:} " | tr -s " "
      echo -n "${descr2#*:} " | tr -s " "
      echo "${origin#*:}" | tr -s " "
    done
  done
  sleep 10
done
	#!/bin/bash

	if [ "$1" = "" ]; then
	process="firefox"
	else
	process="$1"
	fi

	echo "Scanning for connections established by '$process'. Press CTRL-C to exit."

	while true; do
	for pid in `ps ax \| grep $process \| awk {'print $1'}`; do
	for addr in `sudo netstat --program --ip -n \| grep $pid \| awk '{split($5,a,":"); print a[1];}'`; do
	origin=`whois $addr \| grep -i origin \| tail -1`
	if [ "$origin" = "" ]; then origin="AS?"; fi
	descr1=`whois $addr \| grep -i descr \| head -1`
	if [ "$descr1" = "" ]; then
	descr1=`whois $addr \| grep -i OrgName \| tail -1`
	if [ "$descr1" = "" ]; then descr1="?"; fi
	descr2=""
	else
	descr2=`whois $addr \| grep -i descr \| tail -1`
	fi
	echo -n "${addr}: "
	echo -n "${descr1#*:} " \| tr -s " "
	echo -n "${descr2#*:} " \| tr -s " "
	echo "${origin#*:}" \| tr -s " "
	done
	done
	sleep 10
	done