Date:      Wed, 29 Aug 2007 16:07:15 +0400
From:      Edward <edward.polinsky@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: tcpdump & process information
Message-ID:  <46D56173.9060604@gmail.com>
In-Reply-To: <20070828152830.GB1338@darklight.org.ru>
References:  <46D40E9D.1040809@gmail.com> <003f01c7e981$3ecace80$81078c92@PC1510> <46D43CAF.4030205@gmail.com> <20070828152830.GB1338@darklight.org.ru>

Yuri Pankov wrote:
> On Tue, Aug 28, 2007 at 07:18:07PM +0400, Edward wrote:
>   
>> Ilias Sachpazidis wrote:
>>     
>>> Hi, try ettercap. <http://ettercap.sourceforge.net/>
>>>
>>> -IS
>>>
>>> ---------------------------------------------------
>>> Fraunhofer IGD
>>> Department Cognitive Computing & Medical Imaging
>>>
>>> Ilias Sachpazidis  phone:+49/(0)/6151/155 507
>>> Fraunhoferstr. 5   fax  :+49/(0)/6151/155 480
>>> D-64283 Darmstadt  Ilias.Sachpazidis@igd.fhg.de
>>> Germany           http://www.igd.fhg.de/~isachpaz
>>> ---------------------------------------------------
>>>
>>> -----Original Message-----
>>> From: owner-freebsd-questions@freebsd.org
>>> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Edward
>>> Sent: Tuesday, 28 August 2007 14:02
>>> To: freebsd-questions@freebsd.org
>>> Subject: tcpdump & process information
>>>
>>> Hi there!
>>>
>>> Is there a utility which can work like the usual tcpdump but with a process 
>>> information option?
>>> (or something like continually running `sockstat -46` or `fstat | grep 
>>> internet` or `lsof -i4 -i6` ...etc)
>>> i.e. I want to see which process generates network traffic, to trace some 
>>> suspicious activity.
>>> It would be great if this program were able to log everything it 
>>> captures.
>>> _______________________________________________
>>> freebsd-questions@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>> To unsubscribe, send any mail to 
>>> "freebsd-questions-unsubscribe@freebsd.org"
>>>   
>>>       
>> I saw its dependencies list... 
>> http://www.freebsd.org/cgi/ports.cgi?query=ettercap&stype=all
>> It requires X and so on :( therefore it's impossible to run it on most 
>> servers.
>>     
>
> You can disable building GTK2 frontend by passing WITHOUT_GTK=yes to make (or
> unchecking GTK option in 'make config' dialog).
>
> E.g.
> [/usr/ports/net-mgmt/ettercap]> make WITHOUT_GTK=yes all-depends-list
> /usr/ports/net/libnet
> /usr/ports/devel/pcre
> /usr/ports/converters/libiconv
> /usr/ports/devel/libltdl15
> /usr/ports/devel/libtool15
>
>
> HTH,
> Yuri
>
>   
Sorry, but I can't see any process information in ettercap's output.
And ettercap is a really dangerous progie (of course it requires root 
privileges,
but if my machine is compromised it can make an attacker's life a bit 
easier).
Any alternatives to ettercap?


