In Linux, I would like to be able to determine whether a given program is connected to a remote server and is transmitting/receiving data. I'd also like to see which IP address or URL the program is connected to, and what data is being transmitted.
For example, is there a way to view a music ripper program's connection to CDDB, and see what it is sending/receiving?
How could I do this?
netstat with -p switch will show you which programs listen to which ports or use network connections at any given time. It shows connection state, address of the other side etc. -n switch (don't resolve IP adresses) makes it much faster. Running with sudo will usually show more connections, but if you're only interested in a program started with the current user it isn't necessary.
It can be tricky to "catch" a program opening a short lived connection though. Some firewall frontends can help with that, e.g. firestarter.
To see actual data sent over the connection wireshark allows to capture and study network traffic.
