Portsmonitor 1 4 0 – Monitor System Tcpip Network Connections

• Portsmonitor 1 4 0 – Monitor System Tcpip Network Connections Windows 10
• Portsmonitor 1 4 0 – Monitor System Tcpip Network Connections Protocols

Here are 20 of the best free tools for monitoring devices, services, ports or protocols and analyzing traffic on your network. This list is intended to supplement 101 Free SysAdmin Tools. Even if you may have heard of some of these tools before, I'm confident that you'll find a gem or two amongst this list.

1. GFI LanGuard (our award-winning paid solution)

Tcp / IP Monitor uses the main window to display the time, local IP and port, remote IP and port, as well as connection status. Still, using the buttons at the top of the window also enables you to. TCPEye is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list. TCPEye 1.0 2012-04-02 07:15:11 By.

People say it's good to be modest and not to brag, but we're so proud of our network management tool that we had to start the list with GFI LanGuard. You can use it to scan both small and large networks, in search of software vulnerabilities and unpatched or unlicensed applications. Information coming from up to 60,000 devices, running on Windows, Mac OS or Linux, will be shown in a centralized web console, so you'll be able to see the state of your whole network at any moment and from any location.

CurrPorts – Portable TCP IP UDP Port Monitor 2.5 / 5 ( 2 votes ) CurrPorts is a portable tool that can display a list of all open TCP/IP and UDP ports on a computer, allowing the user to monitor any remote activity that might be occurring. Network Monitor opens with all network adapters displayed. Select the network adapters where you want to capture traffic, click New Capture, and then click Start. Reproduce the issue, and you will see that Network Monitor grabs the packets on the wire. Select Stop, and go to File Save as to save the results. By default, the file will be saved.

With centralized patch management and network auditing, GFI LanGuard prevents potential compliance issues, but if you're a sysadmin the fact that all machines are patched and secured will surely seem like a more important advantage. But, don't take our word for it, download the free 30-day trial and try it out.

2. Microsoft Message Analyzer

Microsoft Message Analyzer, the successor to Microsoft Network Monitor 3.4, has an intuitive and flexible UI with effective filtering options that allow you to break down and drill into captured packets (or ‘messages' as they are called in Message Analyzer). Aurora hdr pro 1 2 7. By adding ‘Color Rules' to different protocol traffic, you can make scanning through areas of interest easier and faster.

Some of its highlighted features include automated data capture (using PowerShell cmdlets to start or stop traces based on a particular trigger), TLS/SSL decryption support and customizable filter expressions.

Microsoft Message Analyzer allows you to assess multiple log data sources from a single pane of glass. You can capture, view and analyze network protocol traffic side-by-side with other system or application events (e.g., Event Logs or SQL Tables), making it a valuable addition to your network toolkit.

When you launch Microsoft Message Analyzer, click ‘Start Local Trace' to immediately start capturing traffic from the local machine, or ‘New Session' to add a Data Source to capture.

3. Nagios

Nagios is a powerful network monitoring tool that helps you to ensure that your critical systems, applications, and services are always up and running. It provides features such as alerting, event handling, and reporting. Nagios Core is the heart of the application that contains the core monitoring engine and a basic web UI. On top of Nagios Core, you can implement plugins that will allow you to monitor services, applications, and metrics, a chosen frontend as well as add-ons for data visualization, graphs, load distribution, and MySQL database support, amongst others.

Once you've installed and configured Nagios, launch the Web UI and begin to configure host groups and service groups. Once Nagios has had some time to monitor the status of the specified hosts and services, it can start to paint a picture of what the health of your systems look like.

4. OpenNMS

Portsmonitor 1 4 0 – Monitor System Tcpip Network Connections Windows 10

OpenNMS is an open source enterprise-grade network management application that offers automated discovery, event and notification management, performance measurement, and service assurance features. OpenNMS includes a client app for the iPhone, iPad or iPod Touch for on-the-go access, giving you the ability to view outages, nodes, alarms and add an interface to monitor.

Once you successfully login to the OpenNMS web UI, use the dashboard to get a quick ‘snapshot view' of any outages, alarms or notifications. You can drill down and get more information about any of these sections from the Status drop-down menu. The Reports section allows you to generate reports to send by e-mail or download as a PDF.

5. Advanced IP Scanner

Advanced IP Scanner is a fast and easy to use network scanner that detects any network devices (including wireless devices such as mobile phones, printers, and WIFI routers) on your network. It allows you to connect to common services such as HTTP, FTP and shared folders if they are enabled on the remote machine. You are also able to wake up and shut down remote computers.

The installer allows you to fully install the application on your machine or run the portable version. When you launch Advanced IP Scanner, start by going to Settings > Options to select which resources to scan and how fast/accurate you want the results. You can then choose which subnet to scan and proceed with pressing the 'Scan' button. Once the scan is complete, expand the results to see which resources you can connect to for each discovered device or export your results to XML/HTML/CSV.

6. Capsa Free

Capsa Free is a network analyzer that allows you to monitor network traffic, troubleshoot network issues and analyze packets. Features include support for over 300 network protocols (including the ability to create and customize protocols), MSN and Yahoo Messenger filters, email monitor and auto-save, and customizable reports and dashboards.

When you launch Capsa, choose the adapter you want it to bind to and click 'Start' to initiate the capture process. Use the tabs in the main window to view the dashboard, a summary of the traffic statistics, the TCP/UDP conversations, as well as packet analysis.

7. Telerik Fiddler

Fiddler is a web debugging tool that captures HTTP traffic between chosen computers and the Internet. It allows you to analyze incoming and outgoing data to monitor and modify requests and responses before they hit the browser. Fiddler gives you extremely detailed information about HTTP traffic and can be used for testing the performance of your websites or security testing of your web applications (e.g., Fiddler can decrypt HTTPS traffic).

When you launch Fiddler, HTTP traffic will start to be captured automatically. To toggle traffic capturing, hit F12. You can choose which processes you wish to capture HTTP traffic for by clicking on 'All Processes' in the bottom status bar, or by dragging the 'Any Process' icon from the top menu bar onto an open application.

8. NetworkMiner

NetworkMiner captures network packets and then parses the data to extract files and images, helping you to reconstruct events that a user has taken on the network – it can also do this by parsing a pre-captured PCAP file. You can enter keywords which will be highlighted as network packets are being captured. NetworkMiner is classed as a Network Forensic Analysis Tool (NFAT) that can obtain information such as hostname, operating system and open ports from hosts.

In the example above, I set NetworkMiner to capture packets, opened a web browser and searched for 'soccer' as a keyword on Google Images. The images displayed in the Images tab are what I saw during my browser session.

When you load NetworkMiner, choose a network adapter to bind to and hit the 'Start' button to initiate the packet capture process.

9. Pandora FMS

Pandora FMS is a performance monitoring, network monitoring, and availability management tool that keeps an eye on servers, applications and communications. It has an advanced event correlation system that allows you to create alerts based on events from different sources and notify administrators before an issue escalates.

When you login to the Pandora FMS Web UI, start by going to the ‘Agent detail' and ‘Services' node from the left-hand navigation pane. From here, you can configure monitoring agents and services.

10. Zenoss Core

Zenoss Core is a powerful open source IT monitoring platform that monitors applications, servers, storage, networking, and virtualization to provide availability and performance statistics. It also has a high-performance event handling system and an advanced notification system.

Once you login to Zenoss Core Web UI for the first time, you are presented with a two-step wizard that asks you to create user accounts and add your first few devices/hosts to monitor. You are then taken directly to the Dashboard tab. Use the Dashboard, Events, Infrastructure, Reports and Advanced tabs to configure Zenoss Core and review reports and events that need attention.

11. PRTG Network Monitor Freeware

PRTG Network Monitor monitors network availability and network usage using a variety of protocols including SNMP, Netflow, and WMI. License information for this component not found excel 2016 mac. It is a powerful tool that offers an easy to use web-based interface and apps for iOS and Android. Amongst others, PRTG Network Monitor's key features include:

(1) Comprehensive Network Monitoring which offers more than 170 sensor types for application monitoring, virtual server monitoring, SLA monitoring, QoS monitoring

(2) Flexible Alerting, including nine different notification methods, status alerts, limit alerts, threshold alerts, conditional alerts, and alert scheduling

Vegas card games. (3) In-Depth Reporting, including the ability to create reports in HTML/PDF format, scheduled reports, as well as pre-defined reports (e.g., Top 100 Ping Times) and report templates.

Note: The Freeware version of PRTG Network Monitor is limited to 100 sensors.

When you launch PRTG Network Monitor, head straight to the configuration wizard to get started. This wizard will run you through the main configuration settings required to get the application up and running, including the adding of servers to monitors and which sensors to use.

12. MiTeC Network Scanner

MiTeC Network Scanner is a modest yet feature rich network scanner for detecting network devices which include remote command execution and shutdown functionality, as well as Active Directory scanning and a bunch of in-built network tools as some of its key features.

When you launch MiTeC Network Scanner, start by selecting one of the scans to run from the Scan section on the top ribbon.

13. Splunk

Splunk is a data collection and analysis platform that allows you to monitor, gather and analyze data from different sources on your network (e.g., event logs, devices, services, TCP/UDP traffic, etc.). You can set up alerts to notify you when something is wrong or use Splunk's extensive search, reporting, and dashboard features to make the most of the collected data. Splunk also allows you to install ‘Apps' to extend system functionality.

Note: When you first download and install Splunk, it automatically installs the Enterprise version for you to trial for 60 days before switching to the Free version. To switch to the free version straight away, go to Manager > Licensing.

When you login to the Splunk web UI for the first time, add a data source and configure your indexes to get started. Once you do this, you can then create reports, build dashboards, and search and analyze data.

14. Angry IP Scanner

Angry IP Scanner is a standalone application that facilitates IP address and port scanning. It is used to scan a range of IP addresses to find hosts that are alive and obtain information about them (including MAC address, open ports, hostname, ping time, NetBIOS information, etc.).

When you execute the application, go to Tools > Preferences to configure Scanning and Port options, then go to Tools > Fetchers to choose what information to gather from each scanned IP address.

15. Icinga 2

Icinga is a Linux based fully open source monitoring application which checks the availability of network resources and immediately notifies users when something goes down. Icinga provides business intelligence data for in-depth analysis and a powerful command line interface.

When you first launch the Icinga web UI, you are prompted for credentials. Once you've authenticated, use the navigation menu on the left-hand side to manage the configuration of hosts, view the dashboard, reports, see a history of events, and more.

16. Observium Community

Observium Community is an intuitive SNMP-based network management and monitoring tool that auto-discovers devices on your network and reports back on their status. It runs on Linux and supports a multitude of device types, platforms and operating systems including Cisco, F5, Citrix, Juniper, Windows, Linux and more.

Start by adding devices to monitor either manually or via the auto-discovery feature, which probes the network looking for SNMP configured devices. After devices have been added, go to the Overview page to review the status of each device.

17. NetXMS

NetXMS is multi-platform network management and monitoring system that offers event management, performance monitoring, alerting, reporting and graphing for the entire IT infrastructure model. NetXMS's main features include support for multiple operating systems and database engines, distributed network monitoring, auto-discovery, and business impact analysis tools, amongst others. https://thebig-download.mystrikingly.com/blog/mac-cleaner-pro-1-5-hp. NetXMS gives you the option to run a web-based interface or a management console.

Once you login to NetXMS you need to first go to the 'Server Configuration' window to change a few settings that are dependent on your network requirements (e.g., changing the number of data collection handlers or enabling network discovery). You can then run the Network Discovery option for NetXMS to discover devices on your network automatically, or add new nodes by right-clicking on 'Infrastructure Services' and selecting Tools > Create Node.

18. WirelessNetView

WirelessNetView is a lightweight utility (available as a standalone executable or installation package) that monitors the activity of reachable wireless networks and displays information related to them, such as SSID, Signal Quality, MAC Address, Channel Number, Cipher Algorithm, etc.

As soon as you execute WirelessNetView, it automatically populates a list of all reachable Wi-Fi networks in the area and displays information relevant to them (all columns are enabled by default).

Note: Wireless Network Watcher is a small utility that goes hand in hand with WirelessNetView. Tinkertool system change advanced os x settings 6 83. It scans your wireless network and displays a list of all computers and devices that are currently connected, showing information such as IP address, MAC address, computer name and NIC card manufacturer – all of which can be exported to an HTML/XML/csv/txt file.

19. Riverbed Xirrus Wi-Fi Inspector

Riverbed Xirrus Wi-Fi Inspector can be used to search for Wi-Fi networks, manage and troubleshoot connections, verify Wi-Fi coverage, locate Wi-Fi devices and detect rogue Access Points. Riverbed Xirrus Wi-Fi Inspector comes with a built-in connection, quality and speed tests.

Once you launch Wi-Fi Inspector and choose an adapter, a list of available Wi-Fi connections is displayed in the 'Networks' pane. Details related to your current Wi-Fi connection are shown in the top right-hand corner. Everything pretty much happens from the top ribbon bar – you can run a test, change the layout, edit settings, refresh connections, etc.

20. Wireshark

This list wouldn't be complete without the ever-popular Wireshark. Wireshark is an interactive network protocol analyzer and capture utility. It provides for in-depth inspection of hundreds of protocols and runs on multiple platforms.

When you launch Wireshark, choose which interface you want to bind to and click the green shark fin icon to get going. Packets will immediately start to be captured. Once you've collected what you need, you can export the data to a file for analysis in another application or use the inbuilt filter to drill down and analyze the captured packets at a deeper level from within Wireshark itself.

Are there any free tools not on this list that you've found useful and would like to share with the community?

Get your free 30-day trial

Get immediate results. Identify where you're vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.

Get your free 30-day trial

Get immediate results. Identify where you're vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.

Related Utilities

• LiveTcpUdpWatch - View all TCP/UDP activity on your system.
• SmartSniff - Capture TCP/IP packets on your network adapter
• SocketSniff - Windows Sockets (WinSock) Sniffer

See Also

• NK2Edit - Edit, merge and fix the AutoComplete files (.NK2) of Microsoft Outlook.

Description

Notice !

• When the 'Use DNS Cache For Host Names' option is turned on, there is a significant memory leak on every refresh. This memory leak is not caused directly by CurrPorts, but by the DNS cache programming interface of Windows. Currently, I cannot find a workaround for this problem, so if you run CurrPorts for many hours in automatic refresh mode, it's recommended to turn off the 'Use DNS Cache For Host Names' option.
• If you want to monitor UDP activity, you should try using the LiveTcpUdpWatch tool.

Search for other utilities in NirSoft

Versions History

• Version 2.62:
  • Added 'Copy Remote Address' option.
• Version 2.61:
  • Fixed CurrPorts to update the TCP port status ('State' column) when it's changed.
• Version 2.60:
  • Added support for GeoLite2 City and GeoLite2 Country database in CSV format (Both IPv4 and Ipv6 addresses are supported).
  • In order to use it, you have to extract the files of GeoLite2 database into the folder of cports.exe
  • Added support for GeoLite2 ASN database in CSV format. In order to use this feature, extract the CSV files into the folder of cports.exeand the information will be displayed in the 'Remote IP ASN' and 'Remote IP Company' columns.
• Version 2.55:
  • Added /CaptureTime command-line option, which allows you to capture ports information from command-line for the specified number of milliseconds, instead of taking a single snapshot.
  • For example: cports.exe /scomma c:tempports1.csv /CaptureTime 10000
  • Be aware that you must run cports.exe as administrator in order to get the Sent/Receive bytes information with the /CaptureTime command-line option.
  • Added /RunAsAdmin command-line option, for running CurrPorts as administrator from command-line.
• Version 2.51:
  • Added 'Creation Timestamp' column, which displays the date/time that the connection was created. Be aware that this information is not available for all connections and it works better on Windows 10.
• Version 2.50:
  • Added new columns: 'Sent Bytes', 'Received Bytes', 'Sent Packets', 'Received Packets'. These columns are active only when running CurrPorts as Administrator , 'Auto Refresh' mode is active and the 'Collect Send/Receive Bytes Information' option is turned on.
• Version 2.36:
  • Added 'Auto Size Columns+Headers' option.
• Version 2.35:
  • The 'Resolve IP Addresses' option now also works with IPv6 addresses.
• Version 2.32:
  • Added option to choose another font (name and size) to display in the main window (Under the View menu).
• Version 2.31:
  • You can now specify process ID in the /close command-line option, for example:
    cports.exe /close * * * * 2154
• Version 2.30:
  • Added separated display filter for every TCP state, under Options -> State Display Filter ('Display Syn-Sent', 'Display Time Wait', and more.)
• Version 2.25:
  • Added 'Hide Items With Loopback Address' option (Hide items that their Local Address or Remote Address is 127.0.0.1 or ::1 )
• Version 2.22:
  • Fixed bug: The 'Run As Administrator' option failed to work on some systems.
• Version 2.21:
  • Changed the way that the 'Use DNS Cache For Host Names' option works, in order to solve a memory leak problem.
• Version 2.20:
  • CurrPorts now displays the process names (Some of them without the full path) for most processes when you run it without elevation ('Run As Administrator').Also, the 32-bit version of CurrPorts now detects 64-bit processes properly.
• Version 2.15:
  • Added 'Run As Administrator' option (Ctrl+F11), which allows you to easily run CurrPorts as Administrator on Windows Vista/7/8/2008. (When you run CurrPorts as admin, information about all prcesses is displayed)
  • Fixed bug: CurrPorts failed to remember the last size/position of the main window if it was not located in the primary monitor.
• Version 2.12:
  • You can now disable/enable all filters from the toolbar.
• Version 2.11:
  • Fixed memory leak problem.
• Version 2.10:
  • When saving the opened ports from command-line, CurrPorts now uses the same columns order saved in the .cfg file.
• Version 2.09:
  • Fixed bug from version 2.08: Some filters stopped working.
• Version 2.08:
  • Added support for filtering by process ID (In Advanced Filters window), for example:
    include:process:327
• Version 2.07:
  • Fixed the flickering on automatic refresh.
• Version 2.06:
  • Fixed issue: The properties dialog-box and other windows opened in the wrong monitor, on multi-monitors system.
• Version 2.05:
  • Added support for GeoLite City database.You can now download the GeoLite City database (GeoLiteCity.dat.gz), put it in the same folder of cports.exe, and CurrPorts will automatically use it to get the country/city information for every remote IP address.
• Version 2.02:
  • CurrPorts now displays a simple error message if it fails to close one or more TCP connections.
• Version 2.01:
  • The 'Remote Address' and 'Local Address' columns are now sorted by the IP address numerically. (In previous versions they were sorted alphabetically)
• Version 2.00:
  • Added optional fifth parameter to the /close command-line option, which allows you to specify a process name (e.g: firefox.exe)
• Version 1.97:
  • The 'Use DNS Cache For Host Names' option is now turned off by default, because it seems thatreading the DNS cache causes a memory leak on some Windows 7/x64 systems.
• Version 1.96:
  • Fixed bug: CurrPorts randomly failed to display remote port numbers of IPv6 connections.
• Version 1.95:
  • Added 'Use DNS Cache For Host Names' option. When it's turned on,CurrPorts uses the DNS cache of Windows to resolve remote IP addresses.
• Version 1.94:
  • Added 'Custom' AutoRefresh option under Options -> Auto Refresh.The number of seconds for the Custom AutoRefresh can be set in the Advanced Options window (Ctrl+O)
  • Fixed the problem with sending the data to stdout (when the filename is empty string).
• Version 1.93:
  • Updated the internal country names (added more 14 countries) that are used for displaying the country name in the 'Remote IP Country' column.
• Version 1.92:
  • When choosing 'Clear Log File' option, CurrPorts now asks you whether you want toclear the log, in order to avoid from clearing the log file by mistake.
• Version 1.91:
  • Added 'Beep On New Ports' option.
• Version 1.90:
  • Added 'Tray Balloon On New Ports' option. When both this option and 'Put Icon On Tray' option are turned on,every new port detected by CurrPorts will be displayed in a tray balloon.(If the TCP/UDP port is filtered by the other CurrPorts options and it's not displayed in themain window, it won't be displayed in the tray balloon.)
• Version 1.87:
  • Improved the 'User Name' column.If you run CurrPorts as administrator, this column will display the user namefor all processes. (In previous versions, CurrPorts failed to detect processes created by other users, evenwhen you run it as Administrator)
• Version 1.86:
  • Added 'Mark Odd/Even Rows' option, under the View menu. When it's turned on, the odd and even rows are displayed in different color, to make it easier to read a single line.
• Version 1.85:
  • Added command-line options to control the settings under the Options and View menus:/MarkPorts, /DisplayUdpPorts, /DisplayTcpPorts, /DisplayClosedPorts, and more.
• Version 1.83:
  • Added 'Add Header Line To CSV/Tab-Delimited File' option. When this option is turned on, the column names are addedas the first line when you export to csv or tab-delimited file.
• Version 1.82:
  • Added 'Resize Columns On Every Refresh' option, which allows you to automatically resize the columnsaccording to the text length on every refresh.
• Version 1.81:
  • Added more include/exclude filter options in the context menu of CurrPorts.
• Version 1.80:
  • Added custom log line option (In 'Advanced Options' window), which allows you to set the format of the log line and put in it any column value you like.
• Version 1.76:
  • Added 'One-Click Tray Icon' option. When it's checked and you use the tray icon option,one click on the tray icon with the left mouse button will open CurrPorts. (Without this option, double-click is required)
• Version 1.75:
  • Added 'Exclude Selected Processes In Filters' option in the context menu.
  • Added accelerator key for 'Include Selected Processes In Filters' option.
  • Fixed bug 'Include Selected Processes In Filters' option: failed to work on system process.
  • Added 'Disable All Filters' option to easily toggle between active filter state and no filter state, asan alternative for 'Clear All Filters', which doesn't allow you to return back the filters.
• Version 1.70:
  • Added /sort command-line option for sorting the connections list saved from command-line.
• Version 1.66:
  • Fixed issue: When CurrPorts window is hidden and there is an icon in the taskbar, running CurrPorts again will open the existing instance of CurrPorts, instead of creating another one.
• Version 1.65:
  • Added drag And drop icon in the toolbar that allows to to easily filter by the desired application.Simply drag the target icon into the window of the application, and CurrPorts will display only the openedports of this application.
• Version 1.60:
  • Added new column: Window Title (The window title of the process)
  • Added 'Clear All Filters' option.
  • Added 'Include Selected Processes In Filters' option. Allows you to easily filter by selected processes.
• Version 1.56:
  • Added new option: Ask before any action. (If you uncheck this option, CurrPorts won't ask you any question before closing ports/applications)
• Version 1.55:
  • Added number of remote connections to the status bar.
  • Added ports information in the tray icon tooltip.
• Version 1.51:
  • Fixed bug: In rare cases, exception window may appear when starting CurrPorts.
• Version 1.50:
  • Added 'Display Port In Address' option.When this option is checked, the addresses will be displayed in 'address:port' format.
• Version 1.48:
  • Fixed the Alt+1 accelerator key.
• Version 1.47:
  • Added AutoRefresh every 1 second.
• Version 1.46:
  • Automatically launch IPNetInfo when it's in the same folder of CurrPorts.
• Version 1.45:
  • Added 'Remote IP Country' column that displays the country name of the remote IP address (requires to download an external file from here)
• Version 1.41:
  • Fixed bug: CurrPorts failed to display the current Auto Refresh status in Menu.
• Version 1.40:
  • Added support for IPv6.
• Version 1.37:
  • Fixed bug: CurrPorts failed to display process information when running under Windows Vistawith non-admin user.
  • Added Module Filename column (works only on XP/SP2)
• Version 1.36:
  • Fixed bug: The main window lost the focus when the user switched to another application and then returned back to CurrPorts.
• Version 1.35:
  • Fixed bug in saving as comma-delimited file when field values contained comma character.
• Version 1.34:
  • New Option: Remember Last Filter (The filter is saved in cports_filter.txt)
• Version 1.33:
  • Added support for saving comma-delimited (.csv) files.
  • Added new command-line option: /scomma
• Version 1.32:
  • New Option: Start CurrPorts As Hidden (Only when 'Put Icon On Tray' is turned on)
  • New Option: Copy Remote IP Address (F2).
• Version 1.31:
  • Fixed bug: TCP and UDP ports with the same number and in the same process merged into one item.
• Version 1.30:
  • New column: Added On - Displays the date that the specified connection was added.
  • New Option: Put Icon On Tray.
  • New Option: Log File.
• Version 1.20:
  • Added support for filters.
  • The settings of CurrPorts utility is now saved to cfg file instead of using the Registry.
  • New command-line options.
  • You can now send the information to stdout by specifying an empty filename (') in the command-line.
  • Added support for x64.
• Version 1.11:
  • Added support for process information in Vista.
• Version 1.10:
  • A tooltip is displayed when a string in a column is longer than the column length.
• Version 1.09:
  • /close command-line parameter - Close a connection from command-line
• Version 1.08:
  • Fixed columns order bug.
• Version 1.07:
  • New option: Resolve the remote IP addresses.
• Version 1.06:
  • New column: Process Attributes - Display the file attributes of the process (H for hidden, R for read-only, and so on)
  • Added support for working with IPNetInfo utility
• Version 1.05:
  • Fixed bug: identify process path starting with '??'
• Version 1.04:
  • Added more accelerator keys.
  • Added support for Windows XP visual styles.
• Version 1.03:
  • New Option: Display Listening
  • New Option: Display Established
  • New Option: Display Items With Unknown State
  • New Option: Display Items Without Remote Address
• Version 1.02:
  • Fixed bug: 'Exception C0000005' message when running CurrPorts on Windows NT/2000 without administrator rights.
  • New column: 'Process Services' - Displays the list of services of a process.
• Version 1.01:
  • The 'Copy Selected Items' option now copies the ports data in tab-delimited format,so you can instantly paste the data into your Excel worksheet.
  • Improvment in ports to process binding under Windows 2000.Process information is now also displayed under Windows NT.
• Version 1.00: First release.

System Requirements

Using CurrPorts

The main window of CurrPorts displays the list of all currently opened TCP and UDP ports.You can select one or more items, and then close the selected connections, copy the ports information to the clipboard,or save it to HTML/XML/Text file.If you don't want to view all available columns, or you want to change the order of the columnson the screen and in the files you save, select 'Choose Column' from the View menu, andselect the desired columns and their order. In order to sort the list by specific column,click on the header of the desired column.

The Options Menu

• Display Listening:If this option is enabled, all listening ports are displayed.
• Display Established:If this option is enabled, all established connections are displayed.
• Display Closed:If this option is enabled, closed ports (with 'Time Wait', 'Close Wait', or 'Closed' state) are displayed.
• Display Items With Unknown State:If this option is enabled, items with unknown state (the state column is empty) are displayed.
• Display Items Without Remote Address:If this option is enabled, disconnected ports with no remote address are displayed.
• Display TCP Ports:If this option is disabled, TCP ports won't be displayed in the ports list.
• Display UDP Ports:If this option is disabled, UDP ports won't be displayed in the ports list.
• Mark Ports Of Unidentified Applications:If this option is enabled, all TCP/UDP ports that opened by applications with noversion information and with no icons, are automatically marked with pink color.If you have on your system one or more ports marked with pink color, you shoulddeeply check the processes that created these ports. It could be only an innocent application that simply doesn't contain any icons and versioninformation (For example: the executables of MySQL and Oracle servers don't contain any icons or version info, so if you have MySQL/Oracle servers on your system, the ports they open will be marked.), but it can also be a trojan or other unwanted application that infiltrated into your system.
• Mark New/Modified Ports:If this option is enabled, each time the ports list is refreshed, all newly added ports and existingports with changes are marked with green color.
• Auto Refresh:Allows you to automatically refresh the opened ports list each 2, 4, 6, 8, or 10 seconds.
• Sort On Auto RefreshIf this option is enabled, the entire ports list is sorted each time that the list isrefreshed automatically. Otherwise, new/modified ports are added to the bottom of the list.

The 'Remote IP Country' column

You can also use the GeoLite2 City database.Download the GeoLite2 City or GeoLite2 Country in CSV format and extract all files into the folder of cports.exe
Be aware that the loading process of the GeoLite2 City database is quite slow.

The 'Remote IP ASN' and 'Remote IP Company' columns

Using Filters

In the filters dialog-box, you can add one or more filter strings (separated by spaces, semicolon, or CRLF) in the following syntax:
[include | exclude] : [local | remote | both | process] : [tcp | udp | tcpudp] : [IP Range | Ports Range]

Here's some examples that demonstrate how to create a filter string:

• Display only packets with remote tcp port 80 (Web sites):
  include:remote:tcp:80
• Display only packets with remote tcp port 80 (Web sites) and udp port 53 (DNS):
  include:remote:tcp:80
  include:remote:udp:53
• Display only packets originated from the following IP address range: 192.168.0.1 192.168.0.100:
  include:remote:tcpudp:192.168.0.1-192.168.0.100
• Display only TCP and UDP packets that use the following port range: 53 - 139:
  include:both:tcpudp:53-139
• Filter most BitTorrent packets (port 6881):
  exclude:both:tcpupd:6881
• Display only the opened ports of FireFox browser:
  include:process:firefox.exe

Integration with IPNetInfo utility

1. Download and run the latest version of IPNetInfo utility.(If you have IPNetInfo with version prior to v1.06, you must download the newer version.)
2. Select the desired connections, and then choose 'IPNetInfo' from the File menu (or simply click Ctrl+I).
3. IPNetInfo will retrieve the information about remote IP addresses of the selected connections.

Log File

Be aware that the log file is updated only when you refresh the ports list manually, or when the'Auto Refresh' option is turned on.

Custom Log Line

In the format string, you can use the following variables:
%Process_Name%
%Protocol%
%Local_Port%
%Local_Address%
%Remote_Port%
%Remote_Address%
%Process_Path%
%Process_ID%
%State%
%Product_Name%
%File_Description%
%File_Version%
%Company%
%Process_Created_On%
%Local_Port_Name%
%Remote_Port_Name%
%User_Name%
%Process_Services%
%Process_Attributes%
%Remote_Host_Name%
%Added_On%
%Module_Filename%
%Remote_IP Country%
%Window_Title%

You can also set the minimum number of characters for the column value, for example:
%Process_Name.25% (Fill with spaces - up to 25 characters)

Notice: %Remote_Host_Name% variable is not displayed on newly added connections, because the IP address resolving is asynchronous operation, and the host name is still not available when the log line is added.

Command-Line Options

Examples:
cports.exe /shtml 'f:temp1.html' /sort 2 /sort ~1
cports.exe /shtml 'f:temp1.html' /sort 'Protocol' /sort '~Remote Address'

Here's some examples:

Portsmonitor 1 4 0 – Monitor System Tcpip Network Connections Protocols

• Save all opened TCP/IP ports created by Internet Explorer browser to HTML file:
  cports.exe /filter 'include:process:iexplore' /shtml 'c:tempports.html'
• Add all opened ports information to ports.txt (as tab-delimited text file). This example only workswhen running it from a command-prompt window.
  cports.exe /stab ' >> c:tempcports1.txt
• Start CurrPorts with filter that will only display the opened ports of Internet Explorer and FireFox:
  cports.exe /filter 'include:process:firefox;include:process:iexplore'

Closing a Connection From Command-Line

For each parameter, you can specify '*' in order to include all ports or addresses.The process name is an optional parameter. If you specify a process, only the ports of the specified process will be closed.
Examples:

• Close all connections with remote port 80 and remote address 192.168.1.10:
  /close * * 192.168.1.10 80
• Close all connections with remote port 80 (for all remote addresses):
  /close * * * 80
• Close all connections to remote address 192.168.20.30:
  /close * * 192.168.20.30 *
• Close all connections with local port 80:
  /close * 80 * *
• Close all connections of Firefox with remote port 80:
  /close * * * 80 firefox.exe
• Close all connections of the process that its ID is 3276:
  /close * * * * 3276

Translating CurrPorts To Another Language

1. Run CurrPorts with /savelangfile parameter:
   cports.exe /savelangfile
   A file named cports_lng.ini will be created in the folder of CurrPorts utility.
2. Open the created language file in Notepad or in any other text editor.
3. Translate all menus, dialog-boxes, and string entries to the desired language.
4. After you finish the translation, Run CurrPorts, and all translated strings will be loaded from the language file.
   If you want to run CurrPorts without the translation, simply rename the language file, or move it to another folder.

License

Disclaimer

Feedback

CurrPorts is also available in other languages. In order to change the language of CurrPorts, download the appropriate language zip file, extract the 'cports_lng.ini', and put it in the same folder that you Installed CurrPorts utility.