Solved

TCPView questions

Posted on 2011-03-07
336 Views
Last Modified: 2012-05-11
Hi

I have an application server, Server1, running on Windows 2008 Server. I have clients from many subnets connecting to it, some are on the same LAN, some are connecting across the WAN.

We often have connectivity issues so I was looking for a program/function that told me whether the server had actually received the connection from the client and what state it was in. I figured on Netstat but then came across TCPView.

I had some questions I was hoping someone could assist me with:

1. If I had a connection from a client at 192.168.1.246, is there a way to actually filter for this, or do I need to sort by IP address (Remote Address)?

2. If I had a suspect connection from 192.168.2.123 and wanted to close this, what's the best way to do this?

3. I see there are connection states of:

Listening
Established
Close_Wait
Last_ACK

etc.

Does anyone have a handy link to explain what these mean?
Question by:chuckp2010
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 35060775
1) TCPView has no filtering capabilities.



2) That I am aware of, Windows does not have a way to terminate a specific active TCP connection.  I'm not sure, but I don't think *nix does either.

3) Although for the NETSTAT command, it is the same states: http://support.microsoft.com/kb/137984

You may want to look into Wireshark (http://www.wireshark.org).  This allows you to capture traffic and see what they are doing.  This allows you to filter on a specific IP address (and TCP or UDP ports along with a lot of other filtering capabilities).
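
Added example, not part of the original thread: for question 1, the `netstat -ano` output the question mentions can be filtered by remote address from PowerShell, with the state and owning process shown per connection. The function name `Get-TcpConnectionByRemote`, the sample rows and the state descriptions (summarised from RFC 793) are this example's own assumptions.

```powershell
# Added example (not from the thread). Written for PowerShell 2.0 on Windows Server 2008.
# Meanings of the four states named in the question, summarised from RFC 793.
$StateMeaning = @{
    'LISTENING'   = 'Socket is waiting for incoming connections'
    'ESTABLISHED' = 'Handshake complete; data can flow both ways'
    'CLOSE_WAIT'  = 'Remote side sent FIN; local application has not closed yet'
    'LAST_ACK'    = 'Local side sent its FIN; waiting for the final ACK'
}

function Get-TcpConnectionByRemote {
    param(
        [Parameter(Mandatory = $true)][string]$RemoteIP,
        # Defaults to live output; pass saved lines to analyse a capture offline.
        [string[]]$NetstatLines = (netstat -ano)
    )
    foreach ($line in $NetstatLines) {
        # TCP rows have 5 columns: Proto, Local, Foreign, State, PID.
        # UDP rows have no State column, so they are skipped here.
        $f = $line.Trim() -split '\s+'
        if ($f.Count -ne 5 -or $f[0] -ne 'TCP') { continue }

        # Split address from port at the last colon; IPv6 is shown as [addr]:port.
        $i = $f[2].LastIndexOf(':')
        if ($i -lt 0) { continue }
        $addr = $f[2].Substring(0, $i).Trim('[', ']')
        if ($addr -ne $RemoteIP) { continue }   # exact match: .24 must not match .246

        New-Object PSObject -Property @{
            Local     = $f[1]
            Remote    = $f[2]
            State     = $f[3]
            OwningPid = [int]$f[4]
            Meaning   = $StateMeaning[$f[3]]
        }
    }
}

# Constructed sample in `netstat -ano` layout (addresses, ports and PIDs are made up).
$sample = @(
    '  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       1432',
    '  TCP    192.168.1.10:8080      192.168.1.246:50112    ESTABLISHED     1432',
    '  TCP    192.168.1.10:8080      192.168.1.246:50113    CLOSE_WAIT      1432',
    '  TCP    192.168.1.10:8080      192.168.1.24:49800     ESTABLISHED     1432',
    '  UDP    0.0.0.0:161            *:*                                    988'
)
Get-TcpConnectionByRemote -RemoteIP '192.168.1.246' -NetstatLines $sample |
    Format-Table Remote, State, OwningPid, Meaning -AutoSize
```

Omit `-NetstatLines` to query the live server. A growing number of `CLOSE_WAIT` rows for one PID means the client has closed its side but the server application has not yet closed its socket.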

Question has a verified solution.
