Every minute I have a connexion from a high port to a port 1522 comming out of a HPUX server. It tries to connect on a oracle server on port 1522 with flag syn. This packet is rejected from a firewall.
I know everything about the network connection but I don't know what process do this connexion.
lsof show only the established connections.
I was wondering if there's a tool or command that would log if a process tries to make a remote connection on port 1522. Like tcpdump but with some system informations.
If this doesn't exist, I'll give the point to the person who would successfully assist me to find the solution, but it might be complicated as there are a lot of processes running on this machine.