Ever wonder what applications are either connected to the network or are trying to connect to the network? One way you can check this out without installing any additional software is to use the netstat command. To do this, open a command prompt and at the command prompt type netstat -nab What you’ll see is a comprehensive list of connections your computer is making to the network and also ports that applications have opened for either inbound or outbound connections. For example, check out the figure below:

This figure shows that OUTLOOK.EXE (which it Outlook 2007 on my computer) is making outbound connections from IP address 192.168.1.70 with a number of source ports (e.g., 4547, 4548, etc) to IP address 192.168.1.60 on destination port 8080. This information lets me know that Outlook is connecting to the Web Proxy listener port on my ISA firewall, and that some component in Outlook is connecting to the Internet. It could be that I’m looking at an HTML mail message, or it could be the Windows Live mail connector. In order to get information about where the connection is destined, I’d have to look at the firewall logs. But netstat does let me know that this application is trying to connect to the Internet.

Next time you’re wondering what applications on your computer are trying to connect to the network, give netstat a try. If you want to see what other options are available with netstat, just type in the command netstat /?

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)