Ever wonder why your internet connection lags on speed sometimes? There may be some softwares that have automatic updates enable checking/downloading updates from their respective update server. And in the worst case scenario, there may be some spyware, malware or some adware that resides in your PC, connecting anonymously to their respective hacking servers to sniff your precious data. So, In this scenario, It's very important to keep watch on what is going on under the hood!
In fact, there are mainly two ways to do this task,
- Without using Third-Party Software
- Using Third-Party Software (CurrPorts)
Using Command Prompt
So, to see the activity under the hood, we can simply use the netstat command from the command prompt. This method works flawlessly with Windows 7, Vista and XP(Service pack 2).
We will use the 'netstat' command to see the list of the programs that have made internet connection in the specified amount of time. To use the netstat command, first click on start menu and type "cmd" (Without quotes). Then Right Click on it and select "Run As Administrator" from the pop-up menu. (Refer the image below).
If the User Account Control Box displays, then click on "Yes". (This depends on your "User Account Control Settings".)
At the command prompt type the following lines lines and press Enter.
netstat -abf 5 > activity.txtThe –a option shows all connections and listening ports, the –b option shows you what application is making the connection, and the –f option displays the full DNS name for each connection option for easier understanding of where the connections are being made to. You can also use the –n option if you wish to only display the IP address. The 5 option will poll every 5 seconds for connections to make it more easy to track what is going on, and the results are then piped into the activity.txt file.
Wait for about 2 minutes and then press Ctrl+C to stop recording the data.
Once you have finished recording the data, you can simply open the activity.txt file in Notepad or any of your favorite text editor to see and analyse the activity under the hood.
If you see process names or website addresses with which you are not familiar, you can search for “what is (name of unknown process)” in Google and see what it is. It may be a system function you don't know
about or a function of one of your running programs. However, if it seems like a bad site, you can use Google again to find out how to get rid of it.
Using the Third-Party software CurrPorts
If you are not interested in the geeky stuff mentioned above, you ccan simply install the lightweight software utility named CurrPorts.
For each port that CurrPorts lists, information about the process that opened the port is displayed. You can select connections and close them, copy a ports information to the clipboard or save it to an HTML file, an XML file, or a tab-delimited text file. You can reorder the columns displayed on the CurrPorts main window and in the files you save. To sort the list by a specific column, simply click on the header of that column.
CurrPorts runs under Windows NT, Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows 7. There is a separate download of CurrPorts for 64-bit versions of Windows. You can find more information about CurrPorts and how to use it on the website listed below.
Download CurrPorts from https://www.nirsoft.net/utils/cports.html.
Subscribe to TheNextGeek.com
Get the latest posts delivered right to your inbox