Ping a Specific Port

Question

Keyne Viana

Asked: 2010-09-24 08:40:27 +0800 CST2010-09-24 08:40:27 +0800 CST 2010-09-24 08:40:27 +0800 CST

When analyzing packets with Wireshark, is there a way to know which program is sending which packet?

772

is there an easy way to know from where the packets come from? Which program?

My pc which is on 192.168.0.100 is continuously sending packets (TCP and SMB) to an unknown host (192.168.1.99) and I can't figure out which program is doing that.

2 Answers

Voted

mfinni · Answer 1 · 2010-09-24T08:54:34+08:00

mfinni

2010-09-24T08:54:34+08:002010-09-24T08:54:34+08:00

No, wireshark doesn't have this data. Remember, it's sniffing the wire. If you were on a shared network segment, it would show packets from other machines. Hell, even in an unshared segment it shows packets bound to you from other machines, or broadcasts - wireshark certainly has no way of knowing what processes on the remote machines generated those.

What OS are you using? If it's Windows, netstat or TCPView (from Sysinternals) work. I think netstat is also the command on most Unixes.

2

MaQleod · Answer 2 · 2010-09-24T09:36:39+08:00

Best Answer

MaQleod

2010-09-24T09:36:39+08:002010-09-24T09:36:39+08:00

In this case you might just want to use a software firewall, like ZoneAlarm, it will tell you what apps on a computer are sending where.

1

When analyzing packets with Wireshark, is there a way to know which program is sending which packet?

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?