Apr 26, '07 07:30:00AM • Contributed by: Anonymous
When a machine is compromised, you want to see what servers it may have installed, listening on your system. To do this, you need to "identify" all of the processes running servers. Normally you do this with fuser or netstat -nlp. Unfortunately, neither work on OS X.
I finally figured out how to do this, and just wanted to post it online so others searching could find it. In Terminal, just run this command:
lsof -i | grep LISTEN
This will list all processes that are listening on your machine. That's it!
