Re: tcpdump process information
Yuri Pankov wrote:
> On Tue, Aug 28, 2007 at 07:18:07PM +0400, Edward wrote:
>> Ilias Sachpazidis wrote:
>>> Hi,
>>>
>>> try ettercap.
>>> http://ettercap.sourceforge.net/
>>>
>>> -IS
>>>
>>> ---
>>> Fraunhofer IGD
>>> Department Cognitive Computing Medical Imaging
>>> Ilias Sachpazidis      phone:+49/(0)/6151/155 507
>>> Fraunhoferstr. 5       fax :+49/(0)/6151/155 480
>>> D-64283 Darmstadt      [EMAIL PROTECTED]
>>> Germany                http://www.igd.fhg.de/~isachpaz
>>> ---
>>>
>>> -----Original Message-----
>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward
>>> Sent: Dienstag, 28. August 2007 14:02
>>> To: freebsd-questions@freebsd.org
>>> Subject: tcpdump process information
>>>
>>> Hi there!
>>>
>>> Is there a utility which can work as usual tcpdump but with a process
>>> information option? (or something like continually running
>>> `sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc)
>>>
>>> i.e. I wanna see which process generates network traffic to trace out
>>> some suspicious activity. It would be great if this program were able
>>> to log all that it'll capture.
>>
>> I saw its dependencies list..
>> http://www.freebsd.org/cgi/ports.cgi?query=ettercapstype=all
>> It requires X and so on :(
>> Therefore it's impossible to run it on most servers.
>
> You can disable building the GTK2 frontend by passing WITHOUT_GTK=yes
> to make (or unchecking the GTK option in the 'make config' dialog). E.g.
>
> [/usr/ports/net-mgmt/ettercap] make WITHOUT_GTK=yes all-depends-list
> /usr/ports/net/libnet
> /usr/ports/devel/pcre
> /usr/ports/converters/libiconv
> /usr/ports/devel/libltdl15
> /usr/ports/devel/libtool15
>
> HTH,
> Yuri

Sorry, but I can't see any process information in ettercap's output.
And ettercap is a really dangerous progie (of course it requires root
privileges, but if my machine is compromised it can make an attacker's
life a bit easier).

Any alternatives to ettercap?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
tcpdump process information
Hi there!

Is there a utility which can work as usual tcpdump but with a process
information option? (or something like continually running
`sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc)

i.e. I wanna see which process generates network traffic to trace out
some suspicious activity. It would be great if this program were able
to log all that it'll capture.
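Added example, not part of the original thread: the "continually running `sockstat -46`" idea from the question, written as a poller that diffs successive snapshots and logs the owning user, command and PID of each newly connected socket. The function names, the log path and the sample snapshots are constructed for illustration, and the column layout of `sockstat -46` is assumed to be the standard FreeBSD one.

```shell
#!/bin/sh
# Added example (not from the thread): diff successive `sockstat -46` snapshots
# to log each new socket's owner. Assumed columns: USER COMMAND PID FD PROTO LOCAL FOREIGN

# new_sockets PREV CUR: print connected sockets in CUR that are absent from PREV.
new_sockets() {
    awk -v prev="$1" '
        $1 == "USER" || NF < 7 || $7 == "*:*" { next }   # header, short lines, listeners
        { key = $1 " " $2 " " $3 " " $5 " " $6 " " $7 }  # FD is left out of the key
        FILENAME == prev { seen[key] = 1; next }
        !(key in seen)   { seen[key] = 1; print key }
    ' "$1" "$2"
}

# watch_sockets INTERVAL LOGFILE: poll forever, appending timestamped new sockets.
# The first poll logs every socket that is already connected (the baseline).
watch_sockets() {
    prev=$(mktemp) && cur=$(mktemp) || return 1
    trap 'rm -f "$prev" "$cur"; exit 0' INT TERM
    while :; do
        sockstat -46 > "$cur"
        new_sockets "$prev" "$cur" | while read -r line; do
            printf '%s %s\n' "$(date '+%Y-%m-%dT%H:%M:%S')" "$line"
        done >> "$2"
        cp "$cur" "$prev"
        sleep "$1"
    done
}

# demo: run new_sockets over two constructed snapshots (sample data, not real output).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/a" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
www      httpd      1024  4  tcp4   192.0.2.10:80         198.51.100.7:51234
EOF
    cat > "$d/b" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
www      httpd      1024  4  tcp4   192.0.2.10:80         198.51.100.7:51234
nobody   perl       2311  5  tcp4   192.0.2.10:40112      203.0.113.9:443
EOF
    new_sockets "$d/a" "$d/b"
    rm -rf "$d"
}
case "${1:-}" in
    watch) watch_sockets "${2:-1}" "${3:-./sockwatch.log}" ;;
    demo)  demo ;;
esac
```

Saved under a name such as `sockwatch.sh`, it is started with `sh sockwatch.sh watch 1 /var/log/sockwatch.log`. A socket that opens and closes between two polls is never seen, so the log complements a packet capture rather than replacing it.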
RE: tcpdump process information
Hi,

try ettercap.
http://ettercap.sourceforge.net/

-IS

---
Fraunhofer IGD
Department Cognitive Computing Medical Imaging
Ilias Sachpazidis      phone:+49/(0)/6151/155 507
Fraunhoferstr. 5       fax :+49/(0)/6151/155 480
D-64283 Darmstadt      [EMAIL PROTECTED]
Germany                http://www.igd.fhg.de/~isachpaz
---

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward
Sent: Dienstag, 28. August 2007 14:02
To: freebsd-questions@freebsd.org
Subject: tcpdump process information

Hi there!

Is there a utility which can work as usual tcpdump but with a process
information option? (or something like continually running
`sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc)

i.e. I wanna see which process generates network traffic to trace out
some suspicious activity. It would be great if this program were able
to log all that it'll capture.
Re: tcpdump process information
Ilias Sachpazidis wrote:
> Hi,
>
> try ettercap.
> http://ettercap.sourceforge.net/
>
> -IS
>
> ---
> Fraunhofer IGD
> Department Cognitive Computing Medical Imaging
> Ilias Sachpazidis      phone:+49/(0)/6151/155 507
> Fraunhoferstr. 5       fax :+49/(0)/6151/155 480
> D-64283 Darmstadt      [EMAIL PROTECTED]
> Germany                http://www.igd.fhg.de/~isachpaz
> ---
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward
> Sent: Dienstag, 28. August 2007 14:02
> To: freebsd-questions@freebsd.org
> Subject: tcpdump process information
>
> Hi there!
>
> Is there a utility which can work as usual tcpdump but with a process
> information option? (or something like continually running
> `sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc)
>
> i.e. I wanna see which process generates network traffic to trace out
> some suspicious activity. It would be great if this program were able
> to log all that it'll capture.

I saw its dependencies list..
http://www.freebsd.org/cgi/ports.cgi?query=ettercapstype=all
It requires X and so on :(
Therefore it's impossible to run it on most servers.
Re: tcpdump process information
On Tue, Aug 28, 2007 at 07:18:07PM +0400, Edward wrote:
> Ilias Sachpazidis wrote:
>> Hi,
>>
>> try ettercap.
>> http://ettercap.sourceforge.net/
>>
>> -IS
>>
>> ---
>> Fraunhofer IGD
>> Department Cognitive Computing Medical Imaging
>> Ilias Sachpazidis      phone:+49/(0)/6151/155 507
>> Fraunhoferstr. 5       fax :+49/(0)/6151/155 480
>> D-64283 Darmstadt      [EMAIL PROTECTED]
>> Germany                http://www.igd.fhg.de/~isachpaz
>> ---
>>
>> -----Original Message-----
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward
>> Sent: Dienstag, 28. August 2007 14:02
>> To: freebsd-questions@freebsd.org
>> Subject: tcpdump process information
>>
>> Hi there!
>>
>> Is there a utility which can work as usual tcpdump but with a process
>> information option? (or something like continually running
>> `sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc)
>>
>> i.e. I wanna see which process generates network traffic to trace out
>> some suspicious activity. It would be great if this program were able
>> to log all that it'll capture.
>
> I saw its dependencies list..
> http://www.freebsd.org/cgi/ports.cgi?query=ettercapstype=all
> It requires X and so on :(
> Therefore it's impossible to run it on most servers.

You can disable building the GTK2 frontend by passing WITHOUT_GTK=yes
to make (or unchecking the GTK option in the 'make config' dialog). E.g.

[/usr/ports/net-mgmt/ettercap] make WITHOUT_GTK=yes all-depends-list
/usr/ports/net/libnet
/usr/ports/devel/pcre
/usr/ports/converters/libiconv
/usr/ports/devel/libltdl15
/usr/ports/devel/libtool15

HTH,
Yuri