Looking for a TCP & UDP Monitor

Discussion in 'other firewalls' started by Cutting_Edgetech, Apr 28, 2014.

Thread Status:
Not open for further replies.
  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    I'm looking for a lightweight TCP & UDP monitor that is similar to the one Online Armor uses in the screen shot below. My requirements are it must give the local, and remote address. It must list the name of the application connected. It also must give the country of origin for the remote address which is the feature that is lacking from almost all the TCP & UDP monitoring utilities I have found. It would be a bonus if it monitors other protocols such as icmp, ftp, etc.., but this is not a requirement. It would also be nice if it gave information about the content of packets being sent, or received if the utility was still light on resources. I think this type of feature could make the utility a little heavy though.
     

    Attached Files:

  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,751
    Location:
    Texas
  3. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    I already use sysinternals, but it does not give the country of origin for the remote address as far as I know. Will Sysinternals append a country flag, and list the name of the country of origin for each connection?
     
  4. FOXP2

    FOXP2 Guest

    NirSoft CurrPorts should do 99% of what you need:
    -http://nirsoft.net/utils/cports.html-
    Scroll down to "The 'Remote IP Country' column" for info on adding that feature
    Also "Integration with IPNetInfo utility" is totally rocking.
    And worth a look:
    -http://nirsoft.net/utils/smsniff.html-
    -http://nirsoft.net/utils/http_network_sniffer.html-

    Cheers.
     
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    Thank you FOXP2! I will check it out now. I already use some Nirsoft applications. They have so many applications it can be hard to find which one meets the criteria you are looking for.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    NOD 32 flagged it as an unsafe application. I'm going to upload it to VT, and wee what kind of hits I get.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    It got 2 hits. Probably false positives, but hard to be for sure after seeing even Combofix got infected last year.
     

    Attached Files:

    • VT.jpg
      VT.jpg
      File size:
      15.4 KB
      Views:
      25
  8. FOXP2

    FOXP2 Guest

    Forgot to post up this one...
    -http://nirsoft.net/utils/network_traffic_view.html-
     
Thread Status:
Not open for further replies.