Which process made which socket?

Discussion in 'Security Software' started by James Stickland, Jan 18, 2007.

  1. I know that netstat -oa can show us the respectful socket connection and
    owning process

    What i am looking for is something better - something that will allow
    accounting of all newly created tcp/udp sockets and their respectful process
    number, and hopefully process image name.

    Say, if i open internet explorer and connect to www.microsoft.com, an alert
    of some sort would be made showing me that c:\progra~1\intern~1\iexplore.exe
    made a connection to www.microsoft.com on port 80.

    I know there must be a way to do this, but did microsoft ever release such a
    James Stickland, Jan 18, 2007
    1. Advertisements

  2. James Stickland

    jwgoerlich Guest

    Does this help?

    TCPView for Windows v2.4

    J Wolfgang Goerlich
    jwgoerlich, Jan 18, 2007
    1. Advertisements

  3. You might try Port Reporter from Microsoft as shown in the link below. It
    installs as a service that you can enable when needed to log port activity
    and many details about the port use.


    Steven L Umbach, Jan 18, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.