Security Basics mailing list archives

Re: analysing network activity of processes on my pc

From: Alberto Corsín Lafuente <alberto () corsin org>
Date: Thu, 16 Nov 2006 10:25:51 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I don't know if there's any tool which both sniffs and get theprocess pid, but you can combine it with netstat -putan (on linux, -nabo on windows) to get the pid of the process who stablishes eachconnection.


Regards

El 15/11/2006, a las 21:54, sami seclist escribió:

hi all
I would like to monitor and analyse network taffic generated by
processes on my win box.
I first used wireshark (fomerly ethereal), but it doesn't map trafic
to processes, while TDImon from sysinternals gives me this information
because it seems to monitor system calls.however this tool has limited
features in its free version, it simply lists all calls (dozens by
seconds which makes it unpractical).

So Does any of the members of this list knows of a free tool
(preferably open source) that could do the job, and if not do u
suggest another way to do what I want ?

thanks
---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of AcademicExcellence in Information Security. Our program offers unparalleledInfosec management education and the case study affords youunmatched consulting experience. Using interactive e-Learningtechnology, you can earn this esteemed degree, without disruptingyour career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFFXC6o5nUr49b46noRApMEAJ9JNjuumFXpx3+wRloqq7pOxgcIswCgkdGx
fU62XA1F4vwXqLp8jaTEfdU=
=lElb
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

analysing network activity of processes on my pc sami seclist (Nov 15)
- Re: analysing network activity of processes on my pc Alberto Corsín Lafuente (Nov 16)
- Re: analysing network activity of processes on my pc Ansgar -59cobalt- Wiechers (Nov 16)
- RE: analysing network activity of processes on my pc Michael Dieroff (Nov 16)
- <Possible follow-ups>
- FW: analysing network activity of processes on my pc Murda Mcloud (Nov 20)