TCPView

Click here to visit Original posting

TCPView is a handy little program that allows you to see the network activity on your computer.  When run, you will be able to see what remote devices or computers that your individual programs are communicating with as well as what programs are waiting for connections.

Using this information, you can determine what programs are listening for connections and disable them if you think they are a security risk.  You can also use this program to determine if you have a computer infection on your computer that is listening for a connection from a remote host.

Usage Instructions:

When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.

By default, TCPView updates every second, but you can use the Options|Refresh Rate menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.

You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.

You can save TCPView's output window to a file using the Save menu item.

Command Line Arguments:

Tcpvcon usage is similar to that of the built-in Windows netstat utility:

Usage: tcpvcon [-a] [-c] [-n] [process name or PID]