Date:      Fri, 11 Jan 2008 08:58:58 +0700 (ICT)
From:      Olivier Nicole <on@cs.ait.ac.th>
To:        darryl@osborne-ind.com
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Network monitoring program.
Message-ID:  <200801110158.m0B1wwx1025047@banyan.cs.ait.ac.th>
In-Reply-To: <7D19E771EDB24875BA7CCF6BC64F46AD@Europa> (darryl@osborne-ind.com)
References:  <7D19E771EDB24875BA7CCF6BC64F46AD@Europa>

Hi,

> I need to monitor the network traffic from specific IP addresses.
> I need to be able to deduce the applications that are running
> that are generating the traffic.

Unless you have full access to the machine with that specific IP, you
will never be able to do more than guess what application is
generating the traffic: let's say you are on a router somewhere on your
network and you are interested in the traffic generated by some client
accessing the Internet; if you see traffic on TCP 80, maybe it is Internet
Explorer, maybe Firefox, but it could also be an anti-virus that uses
port 80 to update the virus definition. And if you have a very strict
network usage policy on your network and you are blocking everything
except port 80, it could even be Emule on top of port 80.

Olivier
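
The ambiguity described in the message above, as an added example that is not part of the original e-mail: a classifier that sees only the first client payload of a flow to TCP port 80 and returns a guess with a confidence label. The function name, the confidence labels and the sample payloads are assumptions constructed for illustration.

```python
import re

# First line of an HTTP/1.x request: METHOD SP target SP HTTP/1.x
REQUEST_LINE = re.compile(rb"^[A-Z]{3,10} \S+ HTTP/1\.[01]$")


def guess_application(dst_port, payload):
    """Return (confidence, guess) for the first client payload of a TCP flow.

    Every result is a guess: the port is only a convention, and the
    User-Agent header is whatever the client chose to send.
    """
    if dst_port != 80:
        return ("none", "port outside the scope of this example")
    head, _, _ = payload.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    if not REQUEST_LINE.match(lines[0]):
        # Port 80 is allowed through, but the bytes are not an HTTP request.
        return ("low", "non-HTTP traffic on port 80")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    agent = headers.get(b"user-agent")
    if agent is None:
        return ("low", "HTTP client that sent no User-Agent")
    return ("medium", "HTTP client claiming to be " + agent.decode("latin-1"))


# Constructed sample payloads (not captured traffic), all sent to TCP port 80.
SAMPLES = [
    b"GET / HTTP/1.1\r\nHost: www.example.org\r\n"
    b"User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386) Firefox/2.0\r\n\r\n",
    b"GET /defs/update.bin HTTP/1.0\r\nHost: av.example.net\r\n"
    b"User-Agent: ExampleAV-Updater/1.0\r\n\r\n",
    b"\x00\x01\x02\x03" + bytes(16),  # opaque binary, not an HTTP request
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(guess_application(80, sample))
```

None of the results reaches a "high" confidence: without access to the host itself, the observer can only report what the client claims to be or that the bytes do not look like HTTP.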


