OS: Windows XP
Is there any tool that can do packet sniffing by processes? I use Wireshark before, but that's too wide. I need just to look into a certain process.
Asked
Active
Viewed 645 times
2 Answers
4
Little Snitch can do this.
If the process doesn't change its ports too often, you can get a list of the process' ports with
$ lsof -i | grep <process name>
Then use tcpdump.
$ sudo tcpdump -i en1 port 80 > dump.txt
Where en1 is your interface.
$ ifconfig
to get a list.
$ man -t lsof | open -f -a /Applications/Preview.app
$ man -t tcpdump | open -f -a /Applications/Preview.app
$ man -t pcap-filter | open -f -a /Applications/Preview.app
Jay
- 684
- 1
- 5
- 12
1
Microsoft Network Monitor can display the process for each traffic "stream" captured.
joeqwerty
- 5,500