Thanks kevin for your reply. well for the first part, my firewall is already blocking those ports but all the applications on the cell phones are working, they are giving any type of error. this led me think that it may be hidden communication. the next thing is currently the devices i have checked all of them are non-rooted. so rooted applications are a no-go. i have network traces for those communications but as they getting blocked at firewall so all of them are basically just SYN messages.
i think getting PID's should solve the problem or at least let me identify the cause of it. so the question is how can i get PID's on non-rooted devices and relate them to network traffic ? On Thursday, July 19, 2012 11:42:36 AM UTC+3, Shoieb Arshad wrote: > > Hello > i am working as network admin in a company. yesterday when i was looking > in the firewall logs, i found out that some of the andorid phones on the > network are > trying to connect different IP's of a 210.X.X.X subnet on 3-4 different > ports. and they were produced huge number of requests it was around > 600000-700000 requests > for each android device. > i then invited one of the staff member, whose phone was producing this > huge traffic, he sure have a lot of applications running but i was not able > to identify the > application which was causing this problem. i there any way i can identify > the application which is producing this traffic ? > thanks > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/AHjU1Km87SAJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
