Technofriends

Its always interesting and important at times to visualize the various TCP and UDP Connections open on your computer. Its important to know about the various open TCP Connections, in case you suspect some malware or spyware software to be eating up your sensitive data. In such situations the first thing to do is, have one of the best anti-virus and anti-spyware software installed on your machine. Later, you can begin with the monitoring of active connections. 

In one of my previous post, you already learnt about How TCP Connections work. This article will help you display all the Open TCP and UDP Connections using TCPView. 

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. 

How To Use TCPView

When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.

By default, TCPView updates every second, but you can use the Options|Refresh Rate menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.

You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.

You can save TCPView’s output window to a file using the Save menu item.

Using Tcpvcon

Tcpvcon usage is similar to that of the built-in Windows netstat utility:

Usage: tcpvcon [-a] [-c] [-n] [process name or PID]

-a	Show all endpoints (default is to show established TCP connections).
-c	Print output as CSV.
-n	Don’t resolve addresses..

I would suggest that you install TCPView and check out your Open TCP and UDP Connections before your data is actually stolen by some spyware.

 

You can follow me on Twitter at http://twitter.com/vaibhav1981

Do stay tuned to Technofriends for more, one of the best ways of doing so is by subscribing to our feeds. You can subscribe to Technofriends feed by clicking here.

Related posts:

1. [Freeware] Watch Over Network Connections with Moo0 ConnectionWatcher
2. List all Open TCP/IP and UDP Ports on your Computer with TCPEye
3. [How-To] Re-Open Recently Closed Tabs and Windows in Firefox 3.5
4. Process Hacker is Open Source Process Viewer and Memory Editor
5. Next Open Coffee Club Bangalore Meetup on 23rd November