Hi Guys -
Tom’s video on tracking down traffic on his cell phone has gotten me interested in doing the same thing in Win10 as well as in Linux.
Specifically, I’d like to be able to track down IP addresses that get blocked leaving my home network via pfBlocker and be able to see what process generated that traffic.
New to Wireshark, but it doesn’t seem to have any PID data that I can find.
For Windows I found “Resource Monitor”, which shows app name, PID, port data as well as destination IP address; it just doesn’t seem to have a very big cache and it doesn’t keep data for very long. Also, no ability to output data for further manipulation.