From: Edward
Reply-To: edward.polinsky@gmail.com
To: freebsd-questions@freebsd.org
Date: Tue, 28 Aug 2007 16:01:33 +0400
Subject: tcpdump & process information
Message-ID: <46D40E9D.1040809@gmail.com>

Hi there!

Is there a utility which can work like the usual tcpdump but with a process information option? (Or something like continually running `sockstat -46` or `fstat | grep internet` or `lsof -i4 -i6` ... etc.)

I.e. I wanna see which process generates network traffic, to trace out some suspicious activity. It would be great if this program were able to log everything it captures.
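
The polling approach the post mentions (running `sockstat -46` continually), as an added example that is not part of the original message: it diffs successive snapshots and logs each newly seen socket with its owning process. It assumes FreeBSD's seven-column `sockstat` output and command names without spaces; the function names, log file name and sample snapshots are constructed for illustration.

```python
"""Poll `sockstat -46` and log each newly seen socket with its owning process."""
import subprocess
import time

# Constructed sample snapshots in the `sockstat -46` column layout (not real captures).
SAMPLE_BEFORE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       812   3  tcp4   *:22                  *:*
edward   firefox    1440  41 tcp4   192.168.0.100:51812   203.0.113.10:80
"""
SAMPLE_AFTER = SAMPLE_BEFORE + (
    "nobody   perl       2077  4  tcp4   192.168.0.100:49301   198.51.100.7:6667\n"
)

def parse_sockstat(text):
    """Return a set of (user, command, pid, proto, local, foreign) tuples."""
    rows = set()
    for line in text.splitlines():
        fields = line.split()
        # Data rows have exactly 7 whitespace-separated columns; the header
        # ("LOCAL ADDRESS", "FOREIGN ADDRESS") splits into 9 and is skipped.
        if len(fields) != 7 or fields[0] == "USER":
            continue
        user, command, pid, _fd, proto, local, foreign = fields
        rows.add((user, command, pid, proto, local, foreign))
    return rows

def new_sockets(previous, current):
    """Sockets present in the current snapshot but not the previous one."""
    return sorted(current - previous)

def format_entry(entry, now):
    user, command, pid, proto, local, foreign = entry
    stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(now))
    return f"{stamp} {proto} {local} -> {foreign} pid={pid} cmd={command} user={user}"

def watch(logfile, interval=1.0):
    """Append newly seen sockets to logfile; the first pass records the baseline."""
    seen = set()
    with open(logfile, "a") as log:
        while True:
            out = subprocess.run(["sockstat", "-46"], capture_output=True,
                                 text=True, check=True).stdout
            current = parse_sockstat(out)
            for entry in new_sockets(seen, current):
                log.write(format_entry(entry, time.time()) + "\n")
            log.flush()
            seen = current
            time.sleep(interval)

if __name__ == "__main__":
    watch("sockwatch.log")  # hypothetical log file name
```

Polling only sees sockets that exist at the moment of a snapshot, so connections shorter than the interval can be missed.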