Is there a way on a OSX MAC to tell what application is sending data to
a given ip address/dns name?

We have a user that has a mac and something keeps sending
authentications to one of our servers and the password value is an
incorrect value, thus it keeps intruder locking the users account. We
know its from said mac, just not sure what application is sending the
bad auths.



++ Bad command or file name ++