How to look at active connections

How to look at active connections

During work on the Internet the computer connects to the different network addresses. Sometimes the user has a need to learn with what ip the connection is at the moment established. It can be done, using as possibilities of the operating system, and having installed the additional software.


1. Usually need to look at active connections is connected with suspicion of computer infection with spy programs. Correctly configured computer should connect to network only when you open some pages or during update of the OS files and bases of the antivirus software. If the indicator of network connection in a tray continually "comes to life" by itself, and the computer, irrespective of you, exchanges some information with the Internet, it is necessary to find out the reasons of similar network activity.

2. Open the command line, for this purpose execute: "Start-up" - "All programs" - "Standard" - "Command line". In the opened window enter the netstat command – aon and click Enter. You will see the list of all network connections, active will be marked out in the graph "Status" as ESTABLISHED.

3. Pay attention to the column "Foreign address" - in it ip to which your computer, and port of connection connected are specified. Port 80, for example, is characteristic of Web servers. But if you see some other port, it is already a reason for alarm. In this case you need to find out, installed on your computer what application opens this connection.

4. Look at the last column, in it identifiers of processes (PID) are specified. Remember the identifier of suspicious process, then in the same window make the tasklist team. The list of the processes started on the computer will open. In the first column names of processes, in the second – their identifiers will be specified. Find the identifier of suspicious process, then, to the left of it, look at a name of the program to which it belongs.

5. How to be if the process name tells nothing to you? Take him in the searcher, and you obtain all information on this process. If there is no information, then the probability that you "caught" the new Trojan program, data on which did not get to the Internet and to bases of antiviruses yet, is very high.

6. Pay attention to what port opens suspicious process – information on open ports is present at the graph "Local Address". Check the processes which are in wait state of connection – LISTENING. Quite so backdoors – the Trojan programs intended for reserved connection with the infected computer behave. A server part of such program always "hangs" on some port and waits for connection from the hacker's computer.

7. For complete control of connections install the BWMeter program. It is one of the best programs of this class, it will allow you to see to what addresses your computer connects, there is an opportunity to write information in the log.

Author: «MirrorInfo» Dream Team