What solution or program to use to see what application sends out?
I have an application (on Windows 10) which is sending telemetry data, in other words "calling home". What program could I use to see what data it sends out? Does F-SEcure have such application, and if so, which? I do not mean only blocking or something that tells me it is safe, I would like to see the data myself.
If F-secure does not have such an application, this is a feature/program request, and while waiting, is there some other good application for that? If do a google search I get many results, but most likely many of them are malware themselves.
Comments
-
Hello,
I have an application (on Windows 10) which is sending telemetry data, in other words "calling home". What program could I use to see what data it sends out?
Within my understanding - probably, something like Wireshark. However, the usage can be quite difficult. And something simpler is probably present and it may be worth looking for alternatives - but it will always can be more risky. Because Wireshark is quite popular tool / software with known source of distribution and so on.
Also, it may not be entirely legal to analyze (?!) the transmitted data of the application (even if it is your device, your network, etc.). I think it largely depends on the Terms / Policy of the application itself.
Simply put, you need to intercept network traffic (where the data transmitted by the application will be part of it) and, in a particular case, decrypt captured traffic. After "decrypting", understand it.
Does F-SEcure have such application, and if so, which? I do not mean only blocking or something that tells me it is safe, I would like to see the data myself.
Perhaps, not as part of home solutions. There may be some Business solutions provided by F-Secure that should easily help with such a task - but this is not what you search for probably..
If F-secure does not have such an application, this is a feature/program request, and while waiting, is there some other good application for that? If do a google search I get many results, but most likely many of them are malware themselves.
There is Feature Requests board - https://community.f-secure.com/en/categories/Idea_Exchange - where you can put your idea if it is possible to figure out how such a feature should exist within home solution.
What about other points - maybe the answer is also depends on application design. What is used for data sending (telemetry). Protocol, and other things. Whether the channel is encrypted.
In a sense, not the hardest task. But more requires some skill, effort and legality.
You can also, actually, search against that Windows 10 application. What if someone already tried to research that field. If not - you can look at Wireshark. Another things are something like proxying (maybe). For example, to redirect data (so, you could see / edit on the way). I am not sure, but probably software like Burp Suite can be with some tools about this. All in all, it will interfere with the application. Which is not recommended in principle.
Thanks!
