Re: Tracking network traffic
- Subject: Re: Tracking network traffic
- From: Peter Sichel <email@hidden>
- Date: Mon, 2 Jun 2008 09:17:29 -0400
On 6/2/08 at 7:31 AM, email@hidden (Mark Thomas) wrote:
> I was wondering if anybody knows the best way of tracking down
> whether a rogue process is sending out some bad traffic.
Little Snitch seems popular for this. <http://www.obdev.at/>.
Little Snitch will alert you the first time a named process attempts
to generate an outbound packet and give you an opportunity to
authorize it, or reject it.
> I need to find out which OS or Appl process is sending out a particular
> packet, which seems to be upsetting some routers in the marketplace.
It sounds like you've already identified the unexpected packet (is it
TCP, UDP, ICMP, or something else?), and just want to determine what
process could have sent it (assuming it is being sent intentionally by
some application level process, as opposed to being generated by the
stack itself or some NKE in response to an unexpected condition). If
Little Snitch doesn't catch the offender the first time, you may need
a tool that can call lsof repeatedly to match process names with open
sockets, and perhaps even log who is doing what.
The Connection List tool in IPNetMonitorX calls lsof periodically to
match process names with open sockets, but may not be fast enough to
catch what you want. If you say more about what you're looking for,
I'd be happy to take a swing at it.
Kind Regards,
- Peter Sichel
Sustainable Softworks
http://www.sustworks.com
_______________________________________________
Macnetworkprog mailing list (email@hidden)
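
The reply above suggests a tool that calls lsof repeatedly to match process names with open sockets and log who is doing what. The following sketch of that idea is an added example, not part of the original message and not code from Little Snitch or IPNetMonitorX; the function names, the polling interval and the sample data are assumptions made for illustration.

```python
import subprocess
import time

# Constructed sample of `lsof -nP -i -F pcfPn` output (not from a real host).
SAMPLE = "\n".join([
    "p312", "cmDNSResponder", "f7", "PUDP", "n*:5353",
    "p4410", "cexampled", "f5", "PTCP", "n192.0.2.10:49152->198.51.100.7:80",
    "f6", "PUDP", "n192.0.2.10:49153->198.51.100.7:9999",
])

def parse_lsof_fields(text):
    """Turn lsof -F field output into (pid, command, protocol, endpoint) tuples."""
    records, pid, cmd, cur = [], None, None, None
    for line in text.splitlines():
        tag, value = line[:1], line[1:]
        if tag == "p":                      # start of a process set
            pid, cmd, cur = int(value), None, None
        elif tag == "c":                    # command name of that process
            cmd = value
        elif tag == "f":                    # start of a file (socket) set
            cur = {"pid": pid, "cmd": cmd, "proto": None, "name": None}
            records.append(cur)
        elif tag in ("P", "n") and cur is not None:
            cur["proto" if tag == "P" else "name"] = value
    return [(r["pid"], r["cmd"], r["proto"], r["name"]) for r in records if r["name"]]

def new_sockets(seen, records):
    """Return records not present in earlier polls, and remember them."""
    fresh = [r for r in records if r not in seen]
    seen.update(fresh)
    return fresh

def poll(interval=0.5):
    """Log each process/socket pair the first time it is observed."""
    seen = set()
    while True:
        out = subprocess.run(["lsof", "-nP", "-i", "-F", "pcfPn"],
                             capture_output=True, text=True).stdout
        for pid, cmd, proto, name in new_sockets(seen, parse_lsof_fields(out)):
            print(time.strftime("%Y-%m-%d %H:%M:%S"), pid, cmd, proto, name, flush=True)
        time.sleep(interval)

if __name__ == "__main__":
    poll()
```

Run it with enough privilege to see other users' processes. A socket that opens and closes between two polls is still missed, which is the speed limitation the reply mentions.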