This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

identifying source of traffic


I am running Windows 10 and have recently discovered Wireshark. I use a VPN. I am bugged by the fact that Windows likes to phone home a lot. I have managed to block all the nonsense going on but have a residual issue. I start Windows and log onto my VPN in a normal manner. I start Wireshark and set it to capture the traffic on my TAP Windows Adapter. I don't initiate any browsers or any applications. Of course there are many background tasks running at startup. I go take a walk. When I come back there is a small amount of traffic - Akamai, AmazonAWS, OpenVPN, something from Edgecast, something from Highwinds Network, a weird IP from Poland - that's it. Not much traffic at all (none to MS). What I want to do is to identify what process might be generating the traffic. I am not sure how to configure Wireshark or if I need another tool. Any advice? Thanks.

asked 27 May '16, 13:35


share3141


One Answer:


This is not something Wireshark could help you with. Due to the way it captures the packets, it is unable to identify the process which has sent them or which expects them.

But look for similar questions here (search for "process"); I am sure the name of a Windows application which can do this has been given in at least one of them less than a month ago.

answered 27 May '16, 15:29


sindy
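Since the capture itself carries no process information, the mapping has to come from the operating system's socket table. The following PowerShell script is an added example, not part of the original thread and not the application the answer refers to. It polls the TCP table while Wireshark is capturing and records the owning process of each new outbound connection. The variable names and the values of `$Seconds` and `$RemoteOfInterest` are assumptions; run it from an elevated prompt so that process paths are readable.

```powershell
# Added example: log which process owns each new TCP connection.
# Match LocalPort/RemoteAddress in the output against the capture in Wireshark.
$Seconds          = 600   # polling duration in seconds (assumed value)
$RemoteOfInterest = @()   # optional remote IPs copied from the capture; empty = log all
$seen     = @{}
$deadline = (Get-Date).AddSeconds($Seconds)

while ((Get-Date) -lt $deadline) {
    # Skip listeners, unconnected sockets and loopback traffic.
    $conns = Get-NetTCPConnection -ErrorAction SilentlyContinue | Where-Object {
        $_.State -ne 'Listen' -and
        $_.RemoteAddress -notin '0.0.0.0', '::', '127.0.0.1', '::1'
    }
    foreach ($c in $conns) {
        if ($RemoteOfInterest.Count -and $c.RemoteAddress -notin $RemoteOfInterest) { continue }
        $key = '{0}|{1}|{2}|{3}' -f $c.OwningProcess, $c.LocalPort, $c.RemoteAddress, $c.RemotePort
        if ($seen.ContainsKey($key)) { continue }

        # Resolve the PID right away: short-lived processes may exit before the next poll.
        $proc = Get-CimInstance Win32_Process -Filter "ProcessId = $($c.OwningProcess)" `
                    -ErrorAction SilentlyContinue
        # svchost.exe hosts several services; list them so the entry is meaningful.
        $svcs = ''
        if ($proc -and $proc.Name -eq 'svchost.exe') {
            $svcs = (Get-CimInstance Win32_Service -Filter "ProcessId = $($c.OwningProcess)" `
                        -ErrorAction SilentlyContinue).Name -join ','
        }
        $procName = '<exited or PID 0>'
        if ($proc) { $procName = $proc.Name }
        $seen[$key] = [pscustomobject]@{
            FirstSeen  = Get-Date
            PID        = $c.OwningProcess
            Process    = $procName
            Services   = $svcs
            LocalAddr  = $c.LocalAddress
            LocalPort  = $c.LocalPort
            RemoteAddr = $c.RemoteAddress
            RemotePort = $c.RemotePort
            Path       = $proc.ExecutablePath
        }
    }
    Start-Sleep -Milliseconds 500
}
$seen.Values | Sort-Object FirstSeen | Format-Table -AutoSize
```

A connection that opens and closes between two polls is still missed, and UDP is not covered: `Get-NetUDPEndpoint` reports only the local port and owning process, with no remote address to match on.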