| Trees | Indices | Help |
|
|---|
|
|
Prints all open sockets we know about, from any source.
Netstat will display even connections that lsof doesn't know about, because they were either recovered from an allocation zone, or found through a secondary mechanism (like system call handler cache).
On the other hand, netstat doesn't know the file descriptor or, really, the process that owns the connection (although it does know the PID of the last process to access the socket.)
Netstat will also tell you, in the style of psxview, if a socket was only found using some of the methods available.
| Nested Classes | |
|
__metaclass__ Automatic Plugin Registration through metaclasses. (Inherited from rekall.plugin.Command) |
|
|
top_level_class A command can be run from the rekall command line. (Inherited from rekall.plugin.Command) |
|
| Instance Methods | |||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
Inherited from |
|||
| Class Methods | |||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
| Class Variables | |
name = |
|
PHYSICAL_AS_REQUIRED = True
(Inherited from rekall.plugin.PhysicalASMixin)
|
|
PROFILE_REQUIRED = True
(Inherited from rekall.plugin.ProfileCommand)
|
|
ROW_OPTIONS = |
|
classes = |
|
classes_by_name = |
|
error_status = Nonehash(x) (Inherited from rekall.plugin.Command) |
|
interactive = False
(Inherited from rekall.plugin.Command)
|
|
mode = hash(x) (Inherited from rekall.plugins.darwin.common.DarwinOnlyMixin) |
|
plugin_args = Nonehash(x) (Inherited from rekall.plugin.ArgsParserMixin) |
|
plugin_feature = |
|
producer = False
(Inherited from rekall.plugin.Command)
|
|
table_options = |
|
| Properties | |
|
table_header hash(x) |
|
|
Inherited from |
|
| Method Details |
Collect data that will be passed to renderer.table_row.
|
|
|
| Property Details |
table_headerhash(x)
|
| Trees | Indices | Help |
|
|---|
| Generated by Epydoc 3.0.1 on Mon Oct 9 03:28:09 2017 | http://epydoc.sourceforge.net |