Find out which running processes established Internet connections and which ports are vulnerable to malware attacks

Jun 15, 2016 21:36 GMT  ·  By

To discover hidden or unknown network connections established by your running applications, find out what is slowing down your Internet, spot rogue tools that shouldn't be authorized to connect to the web, and identify opened ports that can be infiltrated by malware, you can resort to specialized tools.

In this guide, we're exploring two free Windows applications for monitoring TCP and UDP network connections made by running programs, Resource Monitor and CurrPorts, along with a commercial tool with a multitude of features: NetInfo.

Windows Resource Monitor

Resource Monitor is built into Windows, so you don't have to install it. Press the Win key, type Resource Monitor, and go to the Network tab. In the Processes with Network Activity area, you can view the name (Image), process ID (PID), sent packets (Send), received packets (Receive) and total transferred data (Total) of each running process. To terminate one or more running apps, click the box of one or more processes to select them, right-click and choose End Process.

Click the Network Activity bar to analyze the network activity of all processes or just the selected ones. In addition to the previously mentioned details, you can find out the remote Address that the processes are connected to.

Click the TCP Connections bar to find out the Local Address and Port number, Remote Address and Port number, Packet Loss, and Latency for each process.

Click the Listening Ports bar to view the Local Address and Port used by processes for listening, along with the Protocol (TCP, UDP) and Firewall Status (like Allowed, restricted and Not allowed, not restricted).

CurrPorts

CurrPorts is portable, so you can save it anywhere on the hard disk or keep it stored on a USB flash drive to directly run it on any PC. It automatically detects all Internet connections established by your running applications at startup and monitors the network continuously to keep track of modifications (new, modified or removed ports).

You can see a wide range of details about each process, including the process ID (PID), Protocol (TCP or UDP), Local Port number and name, Local and Remote Address, Remote Port number and name, Remote Host Name, State (Established or Listening), Process Path, Product Name, File Description and Version, Company, date and time when the Process was Created On and Added On, User Name, Process Services and Attributes, Module Filename, Remote IP Country, and Window Title.

The processes can be sorted by any of these criteria by just clicking a column. If you have IPNetInfo installed (another free app made by the same developer), you can launch it from the File menu (or press Ctrl+I) to get additional details on a selected IP address. Suspicious ports (whose corresponding apps don't have version info and icons) are highlighted in pink while new or modified ports are highlighted in green.

If you want to terminate an active network connection (without ending the process which established it), you must run CurrPorts with elevated rights (right-click the .exe and pick Run as administrator or open the Help menu to click Run As Administrator or press Ctrl+F11). Select a process from the list or hold down Ctrl or Shift while clicking to make a multiple selection, open the File menu, choose Close Selected Connections (or press Ctrl+T), and click Yes in the popup window for confirmation.

To stop not only an Internet connection but also the process which established it, select an entry from the list, open the File menu, and click Kill Processes Of Selected Ports (then Yes for confirmation). This doesn't work for multiple selected processes.

To ask CurrPorts to record modifications to a file, open the File menu and select Log Changes. Afterward, open the File menu and click Open Log File to open the plain text document and analyze the data.
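A scripted equivalent of the change tracking described above, as an added example that is not part of the original article or of CurrPorts: it compares two snapshots of the built-in Windows `netstat -ano` output (a stand-in for the CurrPorts log, whose format is not shown here) and reports new, removed and changed endpoints, plus TCP listeners bound to every interface. The snapshots, addresses and PIDs are constructed.

```python
# Constructed sample output of `netstat -ano`, taken at two points in time.
BEFORE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2216
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     4312
  UDP    0.0.0.0:5353           *:*                                    1820
"""
AFTER = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       6120
  TCP    192.168.1.10:49712     203.0.113.7:443        CLOSE_WAIT      4312
  TCP    [::]:135               [::]:0                 LISTENING       904
  UDP    0.0.0.0:5353           *:*                                    1820
"""

def parse_netstat(text):
    """Map (proto, local, remote, pid) -> state; UDP rows carry no state."""
    rows = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            rows[("TCP", f[1], f[2], int(f[4]))] = f[3]
        elif len(f) == 4 and f[0] == "UDP" and f[3].isdigit():
            rows[("UDP", f[1], f[2], int(f[3]))] = ""
    return rows

def diff_snapshots(before, after):
    """Return (added, removed, changed) endpoints between two snapshots."""
    old, new = parse_netstat(before), parse_netstat(after)
    added = sorted(k for k in new if k not in old)
    removed = sorted(k for k in old if k not in new)
    changed = sorted((k, old[k], new[k]) for k in new if k in old and old[k] != new[k])
    return added, removed, changed

def exposed_listeners(text):
    """(port, pid) of TCP listeners bound to every interface, not loopback."""
    out = set()
    for (proto, local, _remote, pid), state in parse_netstat(text).items():
        host, port = local.rsplit(":", 1)
        if proto == "TCP" and state == "LISTENING" and host in ("0.0.0.0", "[::]"):
            out.add((int(port), pid))
    return sorted(out)

if __name__ == "__main__":
    for label, items in zip(("NEW", "REMOVED", "CHANGED"), diff_snapshots(BEFORE, AFTER)):
        print(label, items)
    print("EXPOSED", exposed_listeners(AFTER))
```

A listener on 127.0.0.1 is only reachable from the same machine, which is why the loopback entry is left out of the exposed list.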

NetInfo

The main window of NetInfo is split into multiple tabs. Go to the Connections tab to find out the Protocol, Local Address, Foreign Address and State of each running Process. The app continuously monitors connections established by active programs and highlights new ones in yellow. To end a currently running process, right-click an entry and select Terminate from the context menu.

Open the Tools menu, click Options, go to the Connections tab in the popup window, and tick the Host names and Port names boxes to include this info in the displayed details about processes. You can also change the highlight color for new connections from yellow to something else (click the ... button next to New connections in color, choose a color, and click Ok) as well as change the refresh rate for the network monitor (click the box next to Refresh every and set the number of seconds). Click Apply in the Options panel for confirmation.

To look up information about a remote host, right-click a process from the list, open the Send To menu, and choose between Ping, Trace, Lookup, Finger, Whois, Daytime, Time, Quote, HTML, Scanner and Services.

In the Ping tab, you can type or paste the Host name (for local PCs only) or IP address and click Start to check how strong the connection is between the machines. The Trace command traces the route to the specified host to identify all networks used as checkpoints (or nodes) to establish the connection. It can be practical for diagnosing network issues to find out which node is faulty.

In the Lookup tab, you can Query a host name or IP address to find out the official server name, country, region, city, zip code, coordinates, and timezone. In the remaining tabs, you can obtain Whois information, the server's current time and daytime, and other details.

Play our video guide below to see how these three apps work. You can also download CurrPorts and NetInfo.
