
View Full Version : TCPView


eclectica
2003-07-15, 11:18
TCPView (http://www.sysinternals.com/ntw2k/source/tcpview.shtml) is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. TCPView requires Windows 98, Windows Me, Windows NT 4.0, Windows 2000 or Windows XP. On Windows NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint.

This program is good because of the fact that it shows the processes that are responsible for the activity. Another program I've used is Netmon 1.6 (http://www.tatom.org/public/netmon160.exe), but it doesn't show the processes responsible.

Or if you don't want to use any special programs, you can use the one that comes with Windows, called "netstat.exe". Go to "run" and type in netstat -an 10 to see TCP/IP and UDP activity on your computer.

nanook
2003-07-27, 21:26
i don't quite understand any of that.
what would this information tell me, E.?

eclectica
2003-07-28, 04:14
It is a program which lists all your TCP/IP internet activity on your computer. You can test it on your Windows computer by going to Start-->Run and typing "netstat -an 10". You will then see all TCP/IP activity on your computer. For example, you may see that you are connected to 216.67.233.204 on port 80. That's this website. (Try here: http://216.67.233.204:80) And if you check your e-mail, you'll see you're connected to an IP address usually on port 110. Also see that there are listening ports. If you are running WinMX you will see listening on port 6699, and if you are running SoulSeek you will see listening on port 2234. Windows XP also comes with a shitload of listening services that are running too, which will cause a lot of listening ports to be seen.

If you want to know the IP address of someone downloading from you then you will be able to do so in this "netstat" program. It will show an established connection on your port 6699, and the primary node you are connected to will probably show you connected to someone else's IP address on port 6699.

This program I have featured here called "TCPView" is a fancier version of what you get with Windows, because it has more options and features.

The IP address of your own computer is 127.0.0.1, regardless of whether you are on a local network or going solo. You can have fun by going to Start-->Programs-->Accessories-->Command Prompt and typing "net send 127.0.0.1 masturbation promotes world peace". That should give you a popup message. Now try that with someone's IP address you know instead of 127.0.0.1, and it might work if there is no firewall.

Actually I have a listing of the IP addresses of all the forum posters here, so if any of you happen to get any strange messages popping up on your computer, just do what you feel is in your best interests.
:jerkoff:
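
Added example, not part of the original posts: a Python sketch that parses `netstat -an` output of the kind described in the post above, separates listening ports from established connections, and flags listeners that are not on an expected list. The sample output is constructed; 216.67.233.204 and ports 80, 110 and 6699 come from the thread, while the other addresses, the function names and the expected-port set are assumptions.

```python
# Added example: read `netstat -an` output from Windows and summarise it.
from collections import namedtuple

Endpoint = namedtuple("Endpoint", "proto local_ip local_port remote_ip remote_port state")

# Constructed sample output (not captured from a real machine).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:6699           0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      216.67.233.204:80      ESTABLISHED
  TCP    192.168.1.10:1050      203.0.113.7:110        ESTABLISHED
  TCP    192.168.1.10:6699      198.51.100.23:3321     ESTABLISHED
  UDP    192.168.1.10:137       *:*
"""

def parse_netstat(text):
    """Turn netstat -an text into Endpoint rows, one per TCP/UDP line."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # skip banner, column header and blank lines
        state = parts[3] if len(parts) > 3 else ""  # UDP rows have no state
        local_ip, _, local_port = parts[1].rpartition(":")
        remote_ip, _, remote_port = parts[2].rpartition(":")
        rows.append(Endpoint(parts[0], local_ip, int(local_port),
                             remote_ip, remote_port, state))
    return rows

def listening_ports(rows):
    """Local TCP ports waiting for incoming connections."""
    return sorted({r.local_port for r in rows if r.state == "LISTENING"})

def unexpected_listeners(rows, expected):
    """Listening ports that are not on the list of services you meant to run."""
    return [p for p in listening_ports(rows) if p not in expected]

def inbound_peers(rows):
    """(remote IP, local port) for connections made to one of our listeners."""
    listening = set(listening_ports(rows))
    return [(r.remote_ip, r.local_port) for r in rows
            if r.state == "ESTABLISHED" and r.local_port in listening]

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print("listening:", listening_ports(rows))
    print("not on expected list:", unexpected_listeners(rows, expected={6699}))
    print("peers connected to our listeners:", inbound_peers(rows))
```
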

nanook
2003-07-28, 21:34
omg, is that smilie doing what i think......hahahahah.
gotcha. i did try the netstat thing and saw a bunch of stuff i didn't know what it all meant.
i guess what i would want to know is whether any of that information is of any use to such a lament????

eclectica
2003-07-29, 13:19
That smiley there is celebrating the virtues of work and industriousness. It is a farmer milking a cow. I don't know what you see when you look at it.

I suppose the extent that you would be interested in the netstat TCP/IP activity would be to check the IP address of someone who you are downloading or uploading from. Then by entering the information on a page like ARIN whois (http://www.arin.net/whois/) or RIPE whois (http://www.ripe.net/db/whois/whois.html), you would be able to see who the person has as an internet provider, and get an idea approximately of where the person lives.

nanook
2003-07-30, 21:13
Originally posted by eclectica
That smiley there is celebrating the virtues of work and industriousness. It is a farmer milking a cow. I don't know what you see when you look at it.

I suppose the extent that you would be interested in the netstat TCP/IP activity would be to check the IP address of someone who you are downloading or uploading from. Then by entering the information on a page like ARIN whois (http://www.arin.net/whois/) or RIPE whois (http://www.ripe.net/db/whois/whois.html), you would be able to see who the person has as an internet provider, and get an idea approximately of where the person lives.

wow....that's exactly what i thought he was doing....lol.
milking a cow.....hahahahh.
well, as to this tcp/ip thing.......i don't really care who is downloading from me or where they live.
now if it was able to show me "hacker" info or something, if someone was trying this, then i think it may be useful.

eclectica
2003-07-31, 00:11
A lot of people think it's a terrible thing if someone knows your IP address, but it really isn't such a bad thing, unless you are running an ftp server with no firewall that allows anonymous logins to gain root access to the whole hard drive.

People fear the unknown or fear things which they don't understand too well. But if you're just an ordinary person then it's not a problem for your IP address to be known to the public.

Here's my current IP address:
67.100.107.130

Ooh, I'm scared TEH massive GHEY script kiddies will do damage! :eek:

Criminal_Sniper
2003-09-19, 23:53
its good to hide
its like leaving ur front door open
i have had 280K hits on one of my firewalls in just under a month
is it widespread or i just get up to more than the usual person? i dont know

tcpview ya got it nice

eclectica
2003-09-20, 06:59
Originally posted by Criminal_Sniper
i have had 280K hits on one of my firewalls in just under a month
is it widespread or i just get up to more than the usual person?
That depends what type of hits you are getting on your firewall. For a while I was running the Sygate firewall, and it would log all traffic as well as show if someone pinged me. I actually had to increase the log file size to around 40 MB or the program would have problems. But all of the activity reported, though voluminous, was harmless p2p activity that was caused by running an OpenNap server.

Criminal_Sniper
2003-09-20, 23:31
nah im not running p2p let alone sygate and opennap
no ive just been a target of some people for some time now
and i dont really give a fuck!