looking for a software witch identify an intruder process

My firewall advise me of an intruder since a week.
I've seen this:

"
IP origin: my IP (not static)
IP destination: xxx.xxx.xxx.xxx (known)
Origin Port UDP: 10222.
Destination Port UDP 0. Not valid number
"

I'd like a software(possibly free) that advise me about the name of the intruder process, that is: I give the IP and when the traffic with this IP is generated the software advise me.
If it is not possible, I'd like the software collect the statistics(with the process name) FILTERED (at the origin) by the intruder IP.

Re: looking for a software witch identify an intruder process

a wrote:
> My firewall advise me of an intruder since a week.
> I've seen this:
>
> "
> IP origin: my IP (not static)
> IP destination: xxx.xxx.xxx.xxx (known)
> Origin Port UDP: 10222.
> Destination Port UDP 0. Not valid number
> "
>
> I'd like a software(possibly free) that advise me about the name of
> the intruder process, that is: I give the IP and when the traffic with
> this IP is generated the software advise me. If it is not possible,
> I'd like the software collect the statistics(with the process name)
> FILTERED (at the origin) by the intruder IP.

Which operating system? On Win 2k or XP you could try Port Reporter [1].
The program is installed as a non-interactive service that - when run -
logs all information about processes sending or receiving network
traffic.

[1] http://support.microsoft.com/kb/837243

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich