Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1688
  • Last Modified:

Filtering output from TCPView

Is there a way to filter by one of the display fields of TCPView?
For instance, if I were to filter by a given local port, say 25 and output the results to a text file over a period of time, would this be feasible?

Any help or suggestion from an expert(s) would be most appreciated. Thanks
0
garychu
Asked:
garychu
  • 2
2 Solutions
 
michko-auCommented:
0
 
QlemoC++ DeveloperCommented:
Just using Currports isn't enough - you need to set up something in it, of course. You need to switch on Auto Refresh via the Options menu, and set it to the period of time you want to monitor changes. And then you need to configure and switch on logging in the File menu. I assume you have already added an application or port filter, and changed the display settings, eg. to exclude listening ports.

Do you want to just log something like.
Outlook opened SMTP to 1.1.1.1 at 01/09/2010 11:30:00
Outlook closed SMTP to 1.1.1.1 at 01/09/2010 11:30:02
? Or do you need the traffic contents?
0
 
garychuAuthor Commented:
Thanks, experts for the qucik and ready responses.
I have not heard of Currports before this.
I have found Wireshark a bit overwhelming for my lack of experience.
Will certainly give Currports a go.
Immediately, my attention is on a specific computer in a network which I suspect has been compromised by a spambot(s). Consequently, I need to monitor it for a period of time.
Thus adding a filter for 25 will suffice. Packet contents are of no interest.
May have to also add Outlook as an application because some spambots work through Outlook I understand.
Your further comments will be most helpful as I may be way off course.
Thanks
0
 
QlemoC++ DeveloperCommented:
That should do. But you have to let CurrPorts running on the "offending" machine, else you won't have process information available.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now