how can i monitor a internet program activity

mantra · #1 February 15th, 2006, 04:08 AM

Hi

i found several free & shareware that hidden send data to other sites , for example i ran these software and they try to contact chinese and unknow ip
i did notice using a mp3 tag program that i use to grab album tracks names ,this program call freedb and chinese site and many others stealthily

well how can i monitor with l&s the behavior of a program ?

with l&s the situation is --> allow -->block
Block i can't grab tracks names!
allow --> the program will call home , freedb and many others sites

yes i know i can do a filter, but i need to know the program activity before making the filter right?

thanks

CrazyM · #2 February 15th, 2006, 04:14 AM

You could enable logging of the application when permitted which might help determine how you could refine your rules.

Sounds more like a program you do not trust which begs the question, why use it?

Regards,

CrazyM

mantra · #3 February 15th, 2006, 04:17 AM

i did not use it

but i found many many programs stealthily make extra connection

so i think with l&s control in real time a program is impossible

Quote:

You could enable logging of the application when permitted which might help determine how you could refine your rules.

yes but it could be dangerous, i will know what the program did behind

Frederic · #4 February 15th, 2006, 02:06 PM

In the application filtering, just select !! for the logging and for the application you would like to monitor.
Then any access will be written in the logs for that application with ports & IP information.

Frederic

mantra · #5 February 15th, 2006, 02:33 PM

mercy Frederic

Quote:

In the application filtering, just select !! for the logging and for the application you would like to monitor.
Then any access will be written in the logs for that application with ports & IP information.

does it works also when i block an application?

Quote:

In the application filtering, just select !! for the logging and for the application

sorry Frederic but it's not clear
i can see only one (!!) close the the application ,and is on the left of the application name
how can i enable !! for the logging & the application?

Frederic · #6 February 15th, 2006, 04:58 PM

Quote:

Originally Posted by mantra

does it works also when i block an application?

If the application is blocked, you will see only the attempt to connect, but no information regarding port or IP.

Quote:

sorry Frederic but it's not clear
i can see only one (!!) close the the application ,and is on the left of the application name
how can i enable !! for the logging & the application?

If you press on time the icon in the ! column you get only one ! and only basic logging is enabled, if you press the icon a second time you get the !! icon and this time all access are logged (when the application is allowed).
If you want to restrict the application to some ports or IP, double-click on the line (Advanced Mode has to be enabled in the advanced option to authorize that).

Frederic

mantra · #7 February 16th, 2006, 01:53 AM

thanks Frederic

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search