It’s a very long story but ultimately all you need to know is, i have to make sure an unknown app isn’t sending an assload of traffic through port 25 on any network im connected to. How can I confirm this on my android device without an external PC?

  • @Hobbes_Dent
    link
    English
    38 months ago

    Is tcpdump possible for you?

    • @yokonzoOP
      link
      English
      28 months ago

      Maybe, is that something I can do in terminal?

      • @Hobbes_Dent
        link
        English
        6
        edit-2
        8 months ago

        It’d be number 8 on this list but honestly number 4 is where I’d start. I don’t have android specific experience from this decade, sorry.

        https://techwiser.com/wireshark-alternatives-for-android/

        Edit: so many of those require rooting. Is it common to do so? I wouldn’t personally go too far down a rabbit hole on the device because it’s a pain unless you have no access to the access point or router or some other device that may have easier access to logs.

  • Toes♀
    link
    fedilink
    English
    38 months ago

    You have some options.

    If your router is sophisticated enough to have tcpdump/iptables you could monitor and block it that way.

    If your phone is rooted it may be possible to do so on your device in the same way.

    Since you do not have a computer you may consider renting a VPS and configuring a VPN for your phone for monitoring.

    Configuring an outbound firewall to log port 25 and block any traffic.

    Many ISPs block port 25 unless the client is interacting with a whitelisted server.

    • @yokonzoOP
      link
      English
      1
      edit-2
      8 months ago

      I’m rooted but that’s a bit overkill for what I’m trying to achieve, so far I’ve just found a traffic sniffer app and I’m manually picking out any traffic on 25, i suppose I could go home and just set something up on my router but I’m trying to do this at work

      • Toes♀
        link
        fedilink
        English
        58 months ago

        Ah, yeah I’d imagine such an app needs root for that functionality. Low ports are protected by the kernel. If you’re suspecting malware on the phone, you might just wanna wipe it and secure your accounts?

        • @yokonzoOP
          link
          English
          3
          edit-2
          8 months ago

          I’m not personally suspecting it but the organization I’m with has reason to suspect an android phone is infected and blasting out traffic through that port. I’m just confirming it’s not me to be safe, though Im pretty sure it’s someone else, as I generally keep my phone activities to youtube

          I may just wipe anyways since I’ve had issues with this rom but jeez is it gonna be a process

          • Toes♀
            link
            fedilink
            English
            18 months ago

            They might be looking for a chromebook, fingerprinting software can be a bit dubious at correctly identifying devices.