Member Avatar for 9tontruck

Hi guys,

I have recently installed a non-official program that supports me to do things easily. But one concern that I have is that I dont know if this program sends any of my personal information to somewhere on the web.If the program is made by hackers and they made it to automatically collect my personal information and send it to themselves, how can I capture it? There must be some kinds of network connection such as cURL and socket, right? How can I know if there is any connection bwt the program and a web server? And how can I know what kind of data does it send?

  • 5 Contributors
  • 4 Replies
  • 170 Views
  • 5 Days Discussion Span
  • Latest Post Latest Post by L7Sqr

Recommended Answers

All 4 Replies

Member Avatar for JorgeM

You are on the right track Install a packet capture on the box. I would recommend Wireshark.

Member Avatar for CimmerianX

I'll offer this suggestion. Load the application into a Virtual Machine with no outbound connectivity to the public web. This way you can analyze the app without risk of data exposure. Or if you have the software available, you can load it in a sandbox (i.e. Avast offers this IIRC).

Member Avatar for L7Sqr

@CimmerianX: If his application needs connectivity this is not an option.

tcpdump or wireshark are two easy to use approaches. The difficulty is knowing which connections are related to your application (your will see all connections by default with these tools).
If you can watch your application from the system level (e.g. monitor the sockets it opens) then you can get a finer grained view. The difficulty increases significantly with such an approach, however.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.