I am doing some research and I need to capture every packet leaving my computer and determine which process it comes from. In other words, something like Microsoft Network Monitor. Please guide me to the right way to start.
To do that, you should retrieve the TCP or UDP header from the IP packet, read the port from it, then try to execute the netstat command using the Runtime class and parse the result. You will find the pid of the process in the last column of the result; you will also find the port. netstat will list the running processes, their state and the ports they are listening on.
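
The lookup described in this answer, as an added example that is not part of the original answer: it parses Windows `netstat -ano`-style output into a protocol-and-port to PID map and looks up a packet's source port. The sample text is constructed (on a live host it would come from running the command through `Runtime` or `ProcessBuilder`), and the class and method names are hypothetical.

```java
import java.util.LinkedHashMap;
import java.util.Map;

public class NetstatPortMap {
    // Constructed sample of Windows `netstat -ano` output (not captured from a real host).
    static final String SAMPLE = String.join("\n",
        "Active Connections",
        "",
        "  Proto  Local Address          Foreign Address        State           PID",
        "  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900",
        "  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED     4321",
        "  TCP    [::]:445               [::]:0                 LISTENING       4",
        "  UDP    0.0.0.0:5353           *:*                                    2210");

    // Returns "PROTO:localPort" -> PID. TCP rows have a State column, UDP rows do not,
    // so the PID is taken as the last token rather than from a fixed column index.
    static Map<String, Integer> parse(String netstatOutput) {
        Map<String, Integer> owners = new LinkedHashMap<>();
        for (String line : netstatOutput.split("\\R")) {
            String[] f = line.trim().split("\\s+");
            if (f.length < 4 || !(f[0].equals("TCP") || f[0].equals("UDP"))) {
                continue; // banner, header or blank line
            }
            int colon = f[1].lastIndexOf(':'); // last colon also works for [IPv6]:port
            try {
                int port = Integer.parseInt(f[1].substring(colon + 1));
                int pid = Integer.parseInt(f[f.length - 1]);
                owners.putIfAbsent(f[0] + ":" + port, pid);
            } catch (NumberFormatException e) {
                // row that does not end in a numeric PID: skip it
            }
        }
        return owners;
    }

    // Looks up the owner of a packet by its transport protocol and source port.
    static Integer pidFor(Map<String, Integer> owners, String proto, int srcPort) {
        return owners.get(proto + ":" + srcPort);
    }

    public static void main(String[] args) {
        Map<String, Integer> owners = parse(SAMPLE);
        System.out.println(owners);
        System.out.println("TCP 49712 -> PID " + pidFor(owners, "TCP", 49712));
        System.out.println("UDP 9999  -> PID " + pidFor(owners, "UDP", 9999)); // null: no owner listed
    }
}
```

A socket that closes between the packet capture and the netstat call will not be listed, so a null result is expected for short-lived connections.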