Yuri Pankov wrote:
On Tue, Aug 28, 2007 at 07:18:07PM +0400, Edward wrote:
Ilias Sachpazidis wrote:
Hi, try ettercap. <http://ettercap.sourceforge.net/>

-IS

---------------------------------------------------
Fraunhofer IGD
Department Cognitive Computing & Medical Imaging

Ilias Sachpazidis  phone:+49/(0)/6151/155 507
Fraunhoferstr. 5   fax  :+49/(0)/6151/155 480
D-64283 Darmstadt  [EMAIL PROTECTED]
Germany           http://www.igd.fhg.de/~isachpaz
---------------------------------------------------

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Edward
Sent: Tuesday, 28 August 2007 14:02
To: freebsd-questions@freebsd.org
Subject: tcpdump & process information

Hi there!

Is there a utility which can work like the usual tcpdump but with a process information option? (or something like continually running `sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ...etc) i.e. I wanna see which process generates network traffic to trace out some suspicious activity. It would be great if this program were able to log everything it captures.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

I saw its dependencies list... http://www.freebsd.org/cgi/ports.cgi?query=ettercap&stype=all It requires X and so on :( Therefore it's impossible to run it on most servers.

You can disable building GTK2 frontend by passing WITHOUT_GTK=yes to make (or
unchecking GTK option in 'make config' dialog).

E.g.
[/usr/ports/net-mgmt/ettercap]> make WITHOUT_GTK=yes all-depends-list
/usr/ports/net/libnet
/usr/ports/devel/pcre
/usr/ports/converters/libiconv
/usr/ports/devel/libltdl15
/usr/ports/devel/libtool15


HTH,
Yuri

Sorry, but I can't see any process information in ettercap's output.
And ettercap is a really dangerous progie (of course it requires root privileges, but if my machine is compromised it can make an attacker's life a bit easier).
Any alternatives to ettercap?

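The polling approach the original question mentions (continually running `sockstat -46`) can be turned into a logger by diffing successive snapshots. This is an added example, not part of the thread; it assumes the default seven-column `sockstat -46` output on FreeBSD, and the function names, log path and interval are hypothetical.

```shell
#!/bin/sh
# Added example: log the owning process of every newly seen internet socket
# by diffing successive `sockstat -46` snapshots (FreeBSD).
# Limitation: a connection that opens and closes between two polls is missed.

# Reduce sockstat output to "user command pid proto local foreign".
# Assumes the default 7-column layout; the header line and the FD column
# are dropped so that descriptor renumbering does not look like a new socket.
normalise() {
    awk 'NR > 1 && NF >= 7 { print $1, $2, $3, $5, $6, $7 }' | LC_ALL=C sort -u
}

# Print entries present in snapshot file $2 but absent from $1,
# each prefixed with the timestamp passed as $3.
new_sockets() {
    LC_ALL=C comm -13 "$1" "$2" | awk -v ts="$3" '{ print ts, $0 }'
}

# Poll forever, appending new sockets to a log file. The first pass logs
# every existing socket as a baseline.
# The log path and interval defaults are hypothetical.
watch_sockets() {
    log=${1:-/var/log/sockwatch.log}
    interval=${2:-2}
    prev=$(mktemp) || return 1
    cur=$(mktemp) || return 1
    trap 'rm -f "$prev" "$cur"' EXIT
    trap 'exit 1' INT TERM
    while :; do
        sockstat -46 | normalise > "$cur"
        new_sockets "$prev" "$cur" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$log"
        cp "$cur" "$prev"
        sleep "$interval"
    done
}

# Run the loop only when asked to: sh sockwatch.sh watch [logfile] [seconds]
if [ "${1:-}" = "watch" ]; then
    shift
    watch_sockets "$@"
fi
```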