Conrad Agramont's WebLog

Moved to: http://agramont.net/

Microsoft Port Reporter

Microsoft has release a handy utility, "Port Reporter",  to log which ports are being access on a given computer.  It runs as a service and the logs are in a comma delimited format text file.  I'm currently using this on my dev box and it's pretty interesting to see which applications are accessing network resources and on what port.  The most interesting part is to see how often a given application goes over the network for something. 

Here is a pointer the Microsoft KB Article that discusses how to download, install, and run the utility:

http://support.microsoft.com/default.aspx?scid=kb;en-us;837243

This utility can run on Windows XP, 2000, and 2003.

BTW, don't forget to install the Port Reporter Parsing utility (also found on the above URL).  It makes sifting through all of the port data a bit easier.  BTW, watch out for the log file to go crazy on front end production servers.  Don't know if it's an issue, but something to keep mindful of.

Posted: Sep 07 2004, 02:45 PM by Conrad | with 1 comment(s)

Comments

Mark said:

Thanks for posting this link. I have been struggling for days with a problem - As I browse with Internet Explorer, it starts opening up connections to some IP address:8080. I used TcpView tool to find this. It does this irrespective of any page I visit. I am assuming it is a spyware. I have tried running couple of anti-spyware tools, but in vain. I am wondering if it is a BHO. I am hoping this tool will help figure out. Any other tools you could recommend?
# September 7, 2004 3:20 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)