For those of you who don't know me, let's just say that I'm not an infrastructure guru - and I don't plan on being one. So, this entry is for those who are like me, i.e. only want to know enough to get the job done. In doing some research on XPSP2, I was curious how to know what was connecting to me or what I was connecting to via TCP/IP connections.
An easy way is to use the NetStat utility that comes with Windows. Run this command line gem with either the "-ano" or "-ao" parameters and you might be surprised what all is going on under your nose. The output includes your local address/port, the external address/port including machine name, connection state, and PID (process ID). Run this next to TaskMgr and you'll get a better idea if there's any nonsense happening.
On first view, this might be scary to you as it will appear that everyone and their mother is talking to your machines. But after looking up the processes and seeing who is actually connected to you, you can breathe easier. If you can't identify a connection's purpose, there is always the possibility of using the Windows Firewall and its "Don't Allow Exceptions" setting.
Another interesting utility is TDImon from Sysinternals. This utility shows network traffic and also includes some NetStat info like PID (but with the actual process name). Plus it's free. Wow, is Outlook busy!
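The NetStat-next-to-TaskMgr lookup described above can be scripted so each connection row already carries its process name. This is an added example, not part of the original post; the function name `Get-ConnectionOwner`, the sample netstat output, and the PIDs, addresses and process names in it are constructed for illustration.

```powershell
# Added example: join `netstat -ano` rows to process names by PID.
# Constructed sample output; PIDs, addresses and names are made up.
$sample = @'
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    127.0.0.1:1031         127.0.0.1:1032         ESTABLISHED     2212
  TCP    192.168.1.10:1045      203.0.113.25:443       ESTABLISHED     2212
  TCP    192.168.1.10:1050      198.51.100.7:8080      ESTABLISHED     3120
  UDP    0.0.0.0:500            *:*                                    692
'@ -split "`r?`n"
$sampleNames = @{ 904 = 'svchost'; 2212 = 'OUTLOOK'; 692 = 'lsass' }

function Get-ConnectionOwner {
    param(
        [string[]]$NetstatLines = (netstat -ano),   # live output by default
        [hashtable]$ProcessNames                    # PID -> name; built if omitted
    )
    if (-not $ProcessNames) {
        $ProcessNames = @{}
        Get-Process | ForEach-Object { $ProcessNames[$_.Id] = $_.ProcessName }
    }
    foreach ($line in $NetstatLines) {
        $f = -split $line                           # split on whitespace
        # Skip the banner, the column header and blank lines.
        if ($f.Count -lt 4 -or $f[0] -notin 'TCP', 'UDP') { continue }
        # UDP rows have no State column, so the PID is always the last field.
        $state    = if ($f.Count -ge 5) { $f[3] } else { '' }
        $ownerPid = [int]$f[-1]                     # $PID itself is reserved
        # Cut the port at the last colon so IPv6 forms like [::1]:80 work too.
        $remoteIp = $f[2].Substring(0, $f[2].LastIndexOf(':'))
        $name = if ($ProcessNames.ContainsKey($ownerPid)) { $ProcessNames[$ownerPid] }
                else { '<unknown>' }                # no match, e.g. process exited
        [pscustomobject]@{
            Proto    = $f[0]
            Local    = $f[1]
            Remote   = $f[2]
            State    = $state
            PID      = $ownerPid
            Process  = $name
            # True when the far end is a real, non-loopback address.
            External = ($remoteIp -notin '*', '0.0.0.0', '[::]', '[::1]') -and
                       ($remoteIp -notlike '127.*')
        }
    }
}

# Sample run: only rows that talk to another machine.
Get-ConnectionOwner -NetstatLines $sample -ProcessNames $sampleNames |
    Where-Object External | Format-Table -AutoSize
```

Calling `Get-ConnectionOwner` with no arguments reads the live `netstat -ano` output and the running process list instead of the sample.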
8:18:55 AM