Michael Lazin on 3 Sep 2014 15:16:20 -0700



Re: [PLUG] Tools for analyzing network traffic from personal computer?


Well, for a server I am fond of lsof for finding malware because its output includes the PID as well as the open port. If you see something running on a port that shouldn't be open, you can search /proc for the directory that corresponds with the PID and see what the path of the port-binding script is.


On Wed, Sep 3, 2014 at 6:12 PM, Paul Walker <starsinmypockets@gmail.com> wrote:
I'm running OSX on a laptop and trying to get a better handle on what sort of network traffic is happening on it. I'm using `netstat -t -a`, which outputs a very long list (600+) of tcp / udp connections. I have a pseudo-professional curiosity about what all this stuff is. I'm wondering if there are any tools or resources folks would recommend that could help me analyze the network traffic, to detect malware for instance, and also just as an educational exercise.

Cheers,

Paul

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug




--
Michael Lazin

to gar auto estin noein te kai ennai
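
The lsof-then-/proc check described in the reply above, as an added example that is not part of the original messages. The function names, the allowlist of ports 22 and 80, and the sample lsof output are assumptions constructed for illustration; the /proc lookup applies to Linux hosts only.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and the allowlist are assumptions.
# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not real data).
SAMPLE_LSOF='COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd     812 root    3u  IPv4  15230      0t0  TCP *:22 (LISTEN)
nginx   1044 root    6u  IPv4  18811      0t0  TCP *:80 (LISTEN)
nginx   1044 root    7u  IPv6  18812      0t0  TCP [::]:80 (LISTEN)
perl    4711 www     4u  IPv4  99102      0t0  TCP *:31337 (LISTEN)'

# unexpected_listeners "22 80" < lsof-output
# Prints "PID PORT COMMAND" once per listener whose port is not in the allowlist.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR > 1 && $NF == "(LISTEN)" {
            port = $(NF - 1)
            sub(/.*:/, "", port)          # "*:22" and "[::]:80" both reduce to the port
            key = $2 " " port             # IPv4 and IPv6 sockets of one PID count once
            if (!(port in ok) && !(key in seen)) { seen[key] = 1; print $2, port, $1 }
        }'
}

# describe_pid PID
# Reads the /proc/PID entries that locate the program behind a listener (Linux only).
describe_pid() {
    pid=$1
    if [ ! -d "/proc/$pid" ]; then
        echo "pid $pid: no /proc entry (process exited, or not a Linux host)"
        return 1
    fi
    # exe is the binary; for a script it is the interpreter, so cmdline and cwd
    # are what reveal the script path. A "(deleted)" suffix on exe means the
    # file was unlinked after the process started.
    echo "exe:     $(readlink "/proc/$pid/exe" 2>/dev/null)"
    echo "cwd:     $(readlink "/proc/$pid/cwd" 2>/dev/null)"
    echo "cmdline: $(tr '\0' ' ' 2>/dev/null < "/proc/$pid/cmdline")"
}

# Demo on the constructed sample: prints "4711 31337 perl".
printf '%s\n' "$SAMPLE_LSOF" | unexpected_listeners "22 80"

# Live use, as root so other users' sockets and /proc entries are visible:
#   lsof -nP -iTCP -sTCP:LISTEN | unexpected_listeners "22 80" |
#       while read -r pid port cmd; do echo "== $cmd pid $pid port $port"; describe_pid "$pid"; done
```
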