Security Basics mailing list archives

FW: analysing network activity of processes on my pc

From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Mon, 20 Nov 2006 10:36:59 +1000






Netstat is a good place to start I guess. Netstat /? At a cmd prompt. Then I
guess you could marry up PID's with IP's and use wireshark from there?
Or you could use process explorer and somehow tie the PID to any packet
captures in wireshark. Just a suggestion.
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of sami seclist
Sent: Thursday, November 16, 2006 6:55 AM
To: security-basics () securityfocus com
Subject: analysing network activity of processes on my pc

hi all
I would like to monitor and analyse network taffic generated by
processes on my win box.
I first used wireshark (fomerly ethereal), but it doesn't map trafic
to processes, while TDImon from sysinternals gives me this information
because it seems to monitor system calls.however this tool has limited
features in its free version, it simply lists all calls (dozens by
seconds which makes it unpractical).

So Does any of the members of this list knows of a free tool
(preferably open source) that could do the job, and if not do u
suggest another way to do what I want ?

thanks

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

analysing network activity of processes on my pc sami seclist (Nov 15)
- Re: analysing network activity of processes on my pc Alberto Corsín Lafuente (Nov 16)
- Re: analysing network activity of processes on my pc Ansgar -59cobalt- Wiechers (Nov 16)
- RE: analysing network activity of processes on my pc Michael Dieroff (Nov 16)
- <Possible follow-ups>
- FW: analysing network activity of processes on my pc Murda Mcloud (Nov 20)