Monday, April 23, 2018

Windows Networking Utilities - TCPView and Tcpvcon

TCPView

One of the Windows Networking Utilities is used to view all the TCP and UDP end points in the system. We can also close any suspicious or unwanted connections. It is basically a subset of Netstat program.

It helps to narrow down ports that is being occupied by some other program. If so, we can re-configure to some other free ports in that system.

We need to make sure that we have our program is designed in a way to configure port no. rather than hard-coding it in software.

We can use registry, INI or other means to configure it and make program pick from it to establish the connection.

TCPVcon

Command line utility with similar functionality.

The interesting part is we can limit the results to specific process ID and display it in CSV format.

We can very well output to some text file.

Tcpvcon -c 1234 > D:\Result.txt

Note: 1234 is process ID and not port no.

Incorporate the command into batch files to run on target machine. This will help to investigate issue on customer PCs.

Use -c to know connection established to the port.

Use -a to check if process is listening to which port.

Tcpvcon -a 1235 > "D:\Result2.txt"

Reference: https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview


at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Problem Steps Recorder:- To capture keyboard, mouse event with screen shots

Problem Steps Recorder, also known as PSR, is an utility provided by windows and available since Windows 7. (see below). It can be invo...