Date: Tue, 28 Aug 2007 19:18:07 +0400
From: Edward
Reply-To: edward.polinsky@gmail.com
CC: freebsd-questions@freebsd.org
Subject: Re: tcpdump & process information

Ilias Sachpazidis wrote:
> Hi, try ettercap. <http://ettercap.sourceforge.net/>
>
> -IS
>
> ---------------------------------------------------
> Fraunhofer IGD
> Department Cognitive Computing & Medical Imaging
>
> Ilias Sachpazidis      phone:+49/(0)/6151/155 507
> Fraunhoferstr. 5       fax  :+49/(0)/6151/155 480
> D-64283 Darmstadt      Ilias.Sachpazidis@igd.fhg.de
> Germany                http://www.igd.fhg.de/~isachpaz
> ---------------------------------------------------
>
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Edward
> Sent: Tuesday, 28 August 2007 14:02
> To: freebsd-questions@freebsd.org
> Subject: tcpdump & process information
>
> Hi there!
>
> Is there a utility which can work like the usual tcpdump but with a process
> information option?
> (or something like continually running `sockstat -46` or `fstat | grep
> internet` or `lsof -i4 -i6` ...etc)
> i.e. I wanna see which process generates network traffic to trace out
> some suspicious activity.
> It would be great if this program would be able to log all that it'll
> capture.

I saw its dependencies list...
http://www.freebsd.org/cgi/ports.cgi?query=ettercap&stype=all
It requires X and so on :(
Therefore it's impossible to run it on most servers.
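
The polling approach mentioned in the original question, running `sockstat -46` repeatedly and logging what is new, written out as an added example that is not part of the thread and needs no X. The function names, the sample snapshots and the default log path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): log which process owns each newly seen socket.

# Reduce `sockstat -46` output to "user command pid proto local foreign", sorted.
# The FD column is dropped so one socket shared over several descriptors logs once.
normalize() {
    awk 'NR > 1 && NF >= 7 { print $1, $2, $3, $5, $6, $7 }' | LC_ALL=C sort -u
}

# Print entries that are in snapshot file $2 but not in snapshot file $1.
new_sockets() {
    LC_ALL=C comm -13 "$1" "$2"
}

# Poll sockstat every INTERVAL seconds; append timestamped new entries to LOGFILE.
watch_sockets() {
    log=$1; interval=${2:-1}
    prev=$(mktemp); cur=$(mktemp)
    trap 'rm -f "$prev" "$cur"' EXIT
    while :; do
        sockstat -46 | normalize > "$cur"
        new_sockets "$prev" "$cur" | while IFS= read -r entry; do
            printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$entry"
        done >> "$log"
        cp "$cur" "$prev"
        sleep "$interval"
    done
}

# Constructed sample: two snapshots in sockstat -46 layout (documentation addresses).
demo() {
    a=$(mktemp); b=$(mktemp)
    normalize > "$a" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
EOF
    normalize > "$b" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
www      perl       4471  4  tcp4   192.0.2.10:51844      198.51.100.7:6667
EOF
    new_sockets "$a" "$b"
    rm -f "$a" "$b"
}

# Hypothetical default log path; run as: sh sockwatch.sh watch [logfile] [interval]
if [ "${1:-}" = "watch" ]; then watch_sockets "${2:-/var/log/sockwatch.log}" "${3:-1}"; fi
```

Polling only sees sockets that exist at the moment of a poll, so connections shorter than the interval can be missed.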