Joe G
asked on
monitor and alert on specific TCP/IP port setting
I have a need to alert me when a specific tcp port is opened, I don't want to block it just know when its opened. What software, alert or batch file I can use to alert me with a notification of some sort that it has been active and connected with.
You can also use nagios to monitor a specific port, and alert you when the device is available.
you need to give information regarding your setup. are you trying to know if a port is opened on your local machine ? are you a firewall admin trying to see what your users are doing ? in that case what firewall do you use and do you have the ability to sniff the network from a remote machine ?
generally, commonly there are two approaches to monitor and alert TCP/IP port usage.
1. host based. a port monitoring software is required to be installed on the host computer on which the target applications run. the software can be a simple software monitoring ports usage only or a comprehensive firewall software monitoring all stateful traffic.
2. external firewall based. full log mechanism such as syslog should be enabled on firewall to capture all essential information of the traffic between the source and destination hosts.
for both methods, if the logs can be collected and a port filter can be applied, you can see the result you are after.
1. host based. a port monitoring software is required to be installed on the host computer on which the target applications run. the software can be a simple software monitoring ports usage only or a comprehensive firewall software monitoring all stateful traffic.
2. external firewall based. full log mechanism such as syslog should be enabled on firewall to capture all essential information of the traffic between the source and destination hosts.
for both methods, if the logs can be collected and a port filter can be applied, you can see the result you are after.
ASKER
sorry all - the setup information is to be installed on a windows 7 pc not a external firewall. We have this remote program we use in house that uses a specific port to gain access to a pc tcp 9345. My technician staff have been told to call ahead before remoting in as a courtesy however I've been hearing different. For certain end users I want to be able to put in a simple alert of some sort that the remote program is active on a pc so I can find out if the rumors are true.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you. it should work just fine.
You could use netstat to see LISTEN or ESTABLISHED status for specific ports