Security Basics mailing list archives

RE: How to find a process


From: "Dan Denton" <ddenton () remitpro com>
Date: Thu, 14 Jun 2007 11:43:15 -0500

My apologies to the list. That's Process Explorer, not Process Monitor.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of levinson_k () securityadmin info
Sent: Wednesday, June 13, 2007 7:54 PM
To: security-basics () securityfocus com
Subject: Re: How to find a process

To identify the Windows process that is sending out TCP/IP traffic... on the
source system, you can install just about any free or not-free client-based
/ personal firewall software.  

You can also install Microsoft's free Port Reporter, though it doesn't say
whether it is compatible with Windows Vista yet:

www.microsoft.com/downloads/details.aspx?FamilyID=69ba779b-bae9-4243-b9d6-63e62b4bcd2e

If the results come back that "System" or SVCHOST.EXE is generating the
traffic, then you'll have to use a trick to try to find out which
subordinate process is actually generating the traffic.

kind regards,

Karl Levinson
http://securityadmin.info
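
Added example, not part of the original messages and not necessarily the trick the poster had in mind: one way to map established TCP connections to their owning process and, when that process is svchost.exe, to the services it hosts. It assumes Windows 8 / Server 2012 or later (for Get-NetTCPConnection) and an elevated PowerShell prompt; the variable and column names are illustrative.

```powershell
# Added example: map TCP connections to owning processes and expand
# svchost.exe PIDs into the Windows services they host.
# Assumption: Windows 8 / Server 2012 or later, run from an elevated prompt.

# Index running services by the PID of the process that hosts them.
$servicesByPid = @{}
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.ProcessId -ne 0 } |
    ForEach-Object {
        $procId = [int]$_.ProcessId
        if (-not $servicesByPid.ContainsKey($procId)) {
            $servicesByPid[$procId] = @()
        }
        $servicesByPid[$procId] += $_.Name
    }

# Join each established connection to its process name and hosted services.
Get-NetTCPConnection -State Established |
    ForEach-Object {
        $procId = [int]$_.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        [pscustomobject]@{
            LocalPort     = $_.LocalPort
            RemoteAddress = $_.RemoteAddress
            RemotePort    = $_.RemotePort
            ProcessId     = $procId
            Process       = if ($proc) { $proc.ProcessName } else { '<exited>' }
            Services      = if ($servicesByPid.ContainsKey($procId)) {
                                $servicesByPid[$procId] -join ', '
                            } else { '' }
        }
    } |
    Sort-Object Process, ProcessId |
    Format-Table -AutoSize
```

When several services share one svchost.exe PID, the output narrows the traffic to that group of services rather than to a single one.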


