How can I kill a tcp connection?

hack3rcon · May 25, 2019, 4:39pm

Hello.
How can I kill a tcp connection?

Thank you.

nrickert · May 25, 2019, 8:15pm

That normally has to be done by the process using the connection. Or you can kill that process. The “lsof” command might be useful for finding which process is involved.

ab · May 25, 2019, 11:24pm

An alternative to effectively stop transmission on a given TCP port is to
use iptables commands. For example, if the connection is from the outside
(a client) to your machine (the server) and the local port is 443 with the
remote port being 34567 you could do something like this:


sudo /usr/sbin/iptables -I INPUT -m tcp -p tcp --sport 34567 --dport 443
-j DROP

sudo /usr/sbin/iptables -I INPUT -m tcp -p tcp --sport 443 --dport 34567
-j DROP

These two rules would block any communication on that socket, though keep
in mind it may eventually block other legitimate clients from coming in.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

hack3rcon · May 26, 2019, 7:29am

Other distros has “tcpkill” tool. How about OpenSUSE?

hack3rcon · May 26, 2019, 7:30am

Can you show me an example?

nrickert · May 26, 2019, 2:40pm

Here’s an example of using “lsof”


# lsof -i:25
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sendmail 2245 root    4u  IPv4  28645      0t0  TCP localhost:smtp (LISTEN)

That listed all processes with a socket open for port 25. However, “lsof” has lots of options to narrow down the output.

Actually, the “ss” command with the “-p” option can also identify processes using ports.

ss -tp

restricts that to tcp ports.

kerijan2003 · May 26, 2019, 3:39pm

https://software.opensuse.org/search is your friend. Found it in a second.

malcolmlewis · May 26, 2019, 3:51pm

Hi
I don’t think it would be wise to use any of the tcpkill packages on OBS… it’s all > seven (7) years old, I see the latest Fedora release has 33 patches… seems it would be better to find a newer tool…

hack3rcon · May 26, 2019, 3:53pm

It show me “No packages found matching your search.”.

hack3rcon · May 26, 2019, 3:54pm

nrickert:

Here’s an example of using “lsof”
# lsof -i:25
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sendmail 2245 root    4u  IPv4  28645      0t0  TCP localhost:smtp (LISTEN)
That listed all processes with a socket open for port 25. However, “lsof” has lots of options to narrow down the output.

Actually, the “ss” command with the “-p” option can also identify processes using ports.
ss -tp
restricts that to tcp ports.

For kill it I need iptables!!!

tsu2 · May 26, 2019, 7:05pm

Based on an Internet search,
I don’t think that there is a single authorized source for tcpkill,
There seem to be a few “improved” private releases in 2014/2015, but I can’t find anything newer.
One commonly used source and likely for Fedora is the dsniff package, but when I look at that OBS package it seems to have omitted/dropped tcpkill for openSUSE… If that’s the Fedora package being looked at, it’s likely the patches have to do with other utilities and not tcpkill.

I suspect this is one of those utilities where the functionality is so simple and basic that there might not be much to patch, so almost any version can be used regardless if it’s patched.

TSU