2000

By admin | Comments (0) | Trackbacks (0) |

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!

TCPView is a free Sysinternals tool from Microsoft allowing you to monitor TCP and UDP endpoints. It has the same purpose as the command line tool netstat that comes with Windows. Contrary to netstat, TCPView is a GUI tool. Usually, it is the first tool I use if strange things are happening on a computer, i.e. if I think that it might have been infected by spyware or other malware.

TCPView lists the process, the local TCP port, the remote address and the state of the TCP connection. If you want to get more details about the program, for example where the exe file is located, you just have to right click and select “Process Properties”. You can also terminate a connection or end the process.

There is a command line version of TCPView (Tcpvcon) which is similar to netstat. TCPView runs Windows Server 2008/Vista/NT/2000/XP and Windows 98/Me.

Using TCPView

When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.

By default, TCPView updates every second, but you can use the Options|Refresh Rate menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.

You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.

You can save TCPView’s output window to a file using the Save menu item.
Tcpvcon Usage

Tcpvcon usage is similar to that of the built-in Windows netstat utility:

Usage: tcpvcon [-a] [-c] [-n] [process name or PID]

-a - how all endpoints (default is to show established TCP connections).

-c - Print output as CSV.

-n - Don’t resolve addresses.

Download TCPView this includes Tcpvcon from here

Screenshot

Share this post with the world

Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically each day to your feed reader.

Tags: download tcpvcon, download tcpview, Tcpvcon, tcpview, tcpview vista, tcpview xp, view active TCP and UDP connections in vista, view active TCP and UDP connections in Windows Server 2, view active TCP and UDP connections in xp
Topics: Free Utilities, Windows 2000, Windows Server 2008, Windows Vista, Windows XP

No comments yet.

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

How to view active TCP and UDP connections in Windows Server 2008/Vista/XP/2000

Related Articles

Leave a comment

MS Security Advisory

Recent Comments

MSKB IE7

Login / Register

Categories

Archives

MSKB Update

Win Server 2003 KB