12/31/2023 0 Comments Windows server 2012 process monitor![]() If I ever get some free time, I'll consider creating this, if you know of an app that does all this, please let me know. So a combination of this API and some sniffer code would be needed to monitor and keep track of what hosts at what ports using what protocol any particular application on your machine is talking to. ![]() The ProcMon combines the capabilities of two legacy Sysinternals utilities at once FileMon and RegMon. This utility allows you to show how processes access files on disk, registry keys, remote resources, etc. NET or Windows API that provides this capability, should I want to write it myself?Īfter further research - looks like the APIs to use are GetExtendedUdpTable and GetExtendedTcpTable, has some samples wrapping these in. The Process Monitor (ProcMon) tool is used to track the various processes activity in the Windows operating system. I want to know if it is from a process I trust, or if it is something I need to investigate further.ĭoes anybody know of any applications (for the Windows platform) that can do this? If not, any ideas about a. I want to be able to then cross reference to discover what application is generating the packets. I don't want to monitor the traffic itself, I have Wireshark if I want to view the traffic. For UDP, I would love to also be able to monitor/keep track of the destination IP addresses and ports that socket has sent messages to. I am searching for ways to:ġ) enumerate all current sockets open in the system, including the process that created it and, for both TCP and UDP, what ports and addresses they are current bound to.Ģ) because applications can open these sockets, use them, and close them right away, I would love to find (or perhaps even write) a program that once started would somehow get notification each time a socket gets created, or really more importantly when bound to a source and/or destination address and port. All packets sent from my machine had the same source port, so clearly the application that sent them opened this UDP socket to use it. Using Wireshark, I can monitor the messages, which were indecipherable as they were probably encrypted. Reverse DNS shows just the ISP providing the address to some end user. If you describe your actual problem, I'll do my best to help you solve it. Because SQL Server is being starved at less than 1gb, but thanks for the smartass answer without actually offering anything constructive. Not that I have any problem with Poland, I just don't know why my laptop has the need to communicate with a server there. If you want memory not to be used, take it out of the server and sit it on your desk. I discovered almost accidentally that my machine was sending and receiving UDP packets to a machine in Poland.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |