
Assigning network packets to applications

  • 10-02-2005 5:14pm
    #1
    Registered Users, Registered Users 2 Posts: 1,165 ✭✭✭


    Don't know if I should add this here or the networks section but anyway...

    We have a WinXP machine here that's generating a lot of outward packets
    that don't seem to have any relevance to what the machine is doing. I've
    run adaware, spybot, etc and norton anti-virus and they only show up
    a few cookies and that's it.

    I've run ethereal on it, and I can see the dns requests and other traffic
    being generated, and I've run anti-spy.info to check the running processes,
    but I can't tell what process/application is generating this traffic...

    So... I'm just wondering if there is an application that shows packets that
    are generated from a machine, and also what application is responsible for
    generating the packets.


Comments

  • Registered Users, Registered Users 2 Posts: 782 ✭✭✭gibo_ie


    If you run netstat -a from a DOS command window you can see which ports are opening and communicating. By default there is quite a bit of (almost) useless traffic outbound. If worried, get ZoneAlarm's personal firewall from zonelabs - it is free and will block unneeded traffic. I have it installed even though I am behind a corporate firewall and it works great.
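
An added example, not part of any reply in this thread: `netstat -a` lists ports but not their owners, whereas `netstat -ano` adds a PID column that can be joined against `tasklist /fo csv /nh` (where `tasklist` is available) to name the process behind each connection. Both sample outputs below are constructed, and `example-app.exe` and the function names are made up for illustration.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (documentation addresses, made-up PIDs).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     1820
  TCP    192.168.1.10:1046      198.51.100.23:443      ESTABLISHED     1820
  TCP    192.168.1.10:1051      192.0.2.44:443         TIME_WAIT       0
  UDP    0.0.0.0:1030           *:*                                    1820
"""

# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST_SAMPLE = '''\
"System Idle Process","0","Console","0","16 K"
"svchost.exe","932","Console","0","3,812 K"
"example-app.exe","1820","Console","0","21,540 K"
'''

def parse_tasklist(text):
    """Map PID -> image name from CSV rows of the form "name","pid",..."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text)) if len(r) >= 2}

def parse_netstat(text):
    """Yield (proto, local, remote, state, pid); header lines are skipped."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            yield f[0], f[1], f[2], f[3], int(f[4])
        elif len(f) == 4 and f[0] == "UDP":  # UDP rows have no State column
            yield f[0], f[1], f[2], "", int(f[3])

def remote_endpoints_by_process(netstat_text, tasklist_text):
    """Group remote endpoints of non-listening TCP sockets by (pid, image name).
    TIME_WAIT rows report PID 0 because the owning process has closed the socket."""
    names = parse_tasklist(tasklist_text)
    result = {}
    for proto, _local, remote, state, pid in parse_netstat(netstat_text):
        if proto != "TCP" or state == "LISTENING":
            continue
        result.setdefault((pid, names.get(pid, "<unknown>")), []).append(remote)
    return result

if __name__ == "__main__":
    for (pid, name), remotes in sorted(remote_endpoints_by_process(NETSTAT_SAMPLE, TASKLIST_SAMPLE).items()):
        print(f"{name} (PID {pid}): {', '.join(remotes)}")
```

A PID that appears in the `netstat` output but not in the process list is reported as `<unknown>`, which is itself worth a closer look.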


  • Closed Accounts Posts: 7,488 ✭✭✭SantaHoe


    Have a look at TCPView from sysinternals (it's free)
    http://www.sysinternals.com/ntw2k/utilities.shtml
    It's pretty good, not as low level as ethereal, it'll only show you what apps are actively accessing the net, not specific packet info... but it does the trick and has a more digestible UI than something running from the command line.


  • Registered Users, Registered Users 2 Posts: 11,397 ✭✭✭✭azezil


    When you try to access any website there's about 8 steps, first contacting the dns, confirmation, contacting the site, resolving host name etc., looks like a lot of packets flying about but that's normal :)

    But as gibo_ie said if you're really concerned try zone alarm it blocks everything then asks you what you do and don't want to access the net.


  • Registered Users, Registered Users 2 Posts: 1,165 ✭✭✭Stky10


    I used TCPView and it seems to be Skype that was generating most of the traffic. I've shut it down and things seem to be much better. I'll leave it be for a while and see whether things remain as they are or return to the way they were.

    Cheers...

