Playbook
Unknown Process Talking To The Internet
Use WireTuna to identify the app, destination, protocol, meaning, and packet evidence before you decide whether to escalate.
The problem
A process you do not recognize is making outbound connections.
Operator approach
Start with the documented workflow for the tool, collect evidence, and keep the next step visible before changing settings, blocking traffic, unlocking storage, or transferring sensitive files.
First steps
- Select the adapter and filter for unknown activity
- Open traffic details for endpoints, volume, and explanation
- Use Who Is This IP for public ownership context
- Export visible packet rows if you need evidence