It’s a very long story but ultimately all you need to know is, i have to make sure an unknown app isn’t sending an assload of traffic through port 25 on any network im connected to. How can I confirm this on my android device without an external PC?
You must log in or register to comment.
You have some options.
If your router is sophisticated enough to have tcpdump/iptables you could monitor and block it that way.
If your phone is rooted it may be possible to do so on your device in the same way.
Since you do not have a computer you may consider renting a VPS and configuring a VPN for your phone for monitoring.
Configuring an outbound firewall to log port 25 and block any traffic.
Many ISPs block port 25 unless the client is interacting with a whitelisted server.
I’m rooted but that’s a bit overkill for what I’m trying to achieve, so far I’ve just found a traffic sniffer app and I’m manually picking out any traffic on 25, i suppose I could go home and just set something up on my router but I’m trying to do this at work
Ah, yeah I’d imagine such an app needs root for that functionality. Low ports are protected by the kernel. If you’re suspecting malware on the phone, you might just wanna wipe it and secure your accounts?
I’m not personally suspecting it but the organization I’m with has reason to suspect an android phone is infected and blasting out traffic through that port. I’m just confirming it’s not me to be safe, though Im pretty sure it’s someone else, as I generally keep my phone activities to youtube
I may just wipe anyways since I’ve had issues with this rom but jeez is it gonna be a process
They might be looking for a chromebook, fingerprinting software can be a bit dubious at correctly identifying devices.
Is tcpdump possible for you?
Maybe, is that something I can do in terminal?
It’d be number 8 on this list but honestly number 4 is where I’d start. I don’t have android specific experience from this decade, sorry.
https://techwiser.com/wireshark-alternatives-for-android/
Edit: so many of those require rooting. Is it common to do so? I wouldn’t personally go too far down a rabbit hole on the device because it’s a pain unless you have no access to the access point or router or some other device that may have easier access to logs.
