This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Packets are being sent from my Windows 8.1 Pro system to 54.86.239.95 (ICMP ECHO packets). ARIN believes that IP is in a broad range of Amazon IPs. Given that, I have no Amazon tasks, services, web sites, applications, apps that are running (to my knowledge). MS Outlook 2013 is running, and there are some messages (not read or open) from Amazon.

So, how would I achieve finding the true identity of the software sending the packets from my system?

Other packets went out to Amazon's set of IP sites too, but nothing seemed to identify the source of the transmitted packets.

Given that I have a piece of software that began failing yesterday within a 24 hour period, I am snooping around for a cause (yet to be determined).

Thank you for help in any fashion.

Srosxi

asked 10 Oct '14, 08:51

Srosxi's gravatar image

Srosxi
11112
accept rate: 0%


Try using Message Analyser from Microsoft, as well as capturing the traffic, I believe that can show you the sending process as well.

permanent link

answered 10 Oct '14, 09:20

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×178
×40
×3
×1

question asked: 10 Oct '14, 08:51

question was seen: 1,568 times

last updated: 10 Oct '14, 09:20

p​o​w​e​r​e​d by O​S​Q​A