If you so desire you can force a connection to be closed by either right-clicking on the relevant connection and selecting ‘Close Connection’ or via the File menu option. If you only want to ‘save’/copy the data from a single connection you can click on it and just use CTRL+C then paste into Notepad, example below with resolution enabled and disabled. The text file format is tab delimited ASCII text so it’s nice and easy to import this into Microsoft Excel to review the data outside of the Sysinternals tool. The interface results can be saved by clicking on the save icon on the toolbar, the key combination CTRL+S or via the File menu options. If you change this option the interface will refresh itself. This can be achieved by clicking the toolbar button which looks like a pipe or using the key combination CTRL+U. This can be toggled via the Options menu ‘Resolve Addresses’, using the key combination CTRL+R or by clicking on the ‘A’ symbol in the toolbar.īy default all connection types are shown however you may wish to only show those which are connected. As an example, if you have a connection using SSH and resolve is enabled the interface will show the port as ‘SSH’ however if you turn off resolution it will just show the port number of 22. This means both the IP address and port will be resolved to their DNS and friendly names. Name resolution is performed by default when launching the program. Connections which have switched between states are highlighted in yellow. New connections between refreshes are highlighted in green while those connections that have been removed are highlighted in red. On a busy system it may be easier to pause the automatic refresh and use ‘manual’ mode by pressing F5 to perform a refresh on demand.
The interface by default will automatically refresh every second however this can be changed to 2 seconds, 5 seconds or paused completely. What information does it present and how do I use it? This can be valuable when trying to understand which processes connections are tied to, whether for troubleshooting or documenting/security. If you are familiar with the netstat command you can consider TCPView as a graphical version TCPView displays both IPv4 and IPv6 TCP/UDP connections on your system alongside the process which owns them.
This is the first post in a series covering various Sysinternals tools – today we will look at TCPView.
0 kommentar(er)
