Network Sniffer on Specific Application

[Tearitup]

Hey all,

 

Just wanted to get some advice on some software where I can see all external connections (anything outside the LAN) from a specific application. It would be great if the software let me monitor certain services/exes and then kept a log of them. I am aware of software such as WireShark, but as far as I can tell, it is not at the application level.

 

Thanks for any help!

[2FA]

GlassWire but it isn't free.

[Mira Yurizaki]

4 minutes ago, Tearitup said:

 it is not at the application level.

Are you asking for the sniffer to be able to tell you what the data actually means according to the application?

[Sir Asvald]

9 minutes ago, Tearitup said:

Hey all,

 

Just wanted to get some advice on some software where I can see all external connections (anything outside the LAN) from a specific application. It would be great if the software let me monitor certain services/exes and then kept a log of them. I am aware of software such as WireShark, but as far as I can tell, it is not at the application level.

 

Thanks for any help!

You could try wireshark. Not sure if it does single applications.

[fjdhdhcyfhf]

So if i understand you correctly you are trying to isolate packets for specific applications. There are two ways I have done this:

filter based on port number. - this works if you know the port numbers in use

Run the application inside a virtual machine - this is the easiest

Set the application to access internet through a proxy running on a virtual machine - this had no benefits to the above except it does not include operating system and background service data packets

[tlink]

7 minutes ago, Tearitup said:

Hey all,

 

Just wanted to get some advice on some software where I can see all external connections (anything outside the LAN) from a specific application. It would be great if the software let me monitor certain services/exes and then kept a log of them. I am aware of software such as WireShark, but as far as I can tell, it is not at the application level.

 

Thanks for any help!

virtualize it

[Blake]

3 hours ago, Tearitup said:

Hey all,

 

Just wanted to get some advice on some software where I can see all external connections (anything outside the LAN) from a specific application. It would be great if the software let me monitor certain services/exes and then kept a log of them. I am aware of software such as WireShark, but as far as I can tell, it is not at the application level.

 

Thanks for any help!

Your after Deep Packet inspection. Solarwinds can do this, If you just set it up to collect from the WAN router you should be fine with the free license, just make sure reverse lookup is working on your network or you'll see a bunch of IP's and not FQDNs.

[Tearitup]

Thanks for all the help everyone!

 

14 hours ago, M.Yurizaki said:

Are you asking for the sniffer to be able to tell you what the data actually means according to the application?

Not what it means really - I just want to see when a specific application is making any external connections. So mainly, just the IP it is talking to and over which ports.

[dr_sepheroth]

Try using Nmap or Zmap, 

 

https://nmap.org/

 

https://zmap.io/

 

 

[.spider.]

On 15.11.2016 at 3:10 PM, Tearitup said:

Thanks for all the help everyone!

 

Not what it means really - I just want to see when a specific application is making any external connections. So mainly, just the IP it is talking to and over which ports.

It is built-in in Windows

Netstat in cmd

Or Resource Monitor with GUI

 

Example: