Security Basics mailing list archives

Re: How to find a process

From: "Jay" <jay.tomas () infosecguru com>
Date: Thu, 14 Jun 2007 12:56:07 -0400

You also may try:

fport - Foundstone
openports - DiamondCS
aports-Symantect
tcpview-Microsoft/Sysinternals

Jay

----- Original Message -----
From: levinson_k () securityadmin info [mailto:levinson_k () securityadmin info]
To: security-basics () securityfocus com
Sent: 14 Jun 2007 00:53:57 -0000
Subject: Re: How to find a process

To identify the Windows process that is sending out TCP/IP traffic... on the source system, you can install just about 
any free or not-free client-based / personal firewall software.



You can also install Microsoft's free Port Reporter, though it doesn't say whether it is compatible with Windows Vista 
yet:



www.microsoft.com/downloads/details.aspx?FamilyID=69ba779b-bae9-4243-b9d6-63e62b4bcd2e



If the results come back that "System" or SVCHOST.EXE is generating the traffic, then you'll have to use a trick to try 
to find out which subordinate process is actually generating the traffic.



kind regards,



Karl Levinson

http://securityadmin.info

Current thread:

Re: How to find a process, (continued)
- Re: How to find a process rmyster (Jun 15)
- Re: How to find a process levinson_k (Jun 14)
  - RE: How to find a process Gressick, Michael (Jun 14)
  - RE: How to find a process Dan Denton (Jun 14)
  - RE: How to find a process Dan Denton (Jun 14)
    - Re: How to find a process Ansgar -59cobalt- Wiechers (Jun 14)
    - Re: How to find a process Michael Painter (Jun 14)
- Re: How to find a process Ned Kratzer (Jun 14)
- Re: How to find a process nicholdeaddis (Jun 14)
- Re: How to find a process nedk (Jun 14)
- Re: How to find a process Jay (Jun 14)
- RE: How to find a process Francisco Rodrigo Cortinas Maseda (Jun 14)