TCPView is a network tool that allows you to monitor TCP and UDP connections.TCPView will show all TCP and UDP connections on your endpoint systems, including the local and remote addresses and state of TCP connections. If ran on a Windows 2008 server, Vista, or XP system it will also report the process that owns the connection.
TCPView is supported on the following operating systems Windows NT/2000/XP and Windows 98/ME, if for some reason your still running that awful OS. TCPView also comes with a command line version called TCPvcon.
TCPView displays the following information:
Process
PID
Protocol
Local Address
Remote Address
Remote Port
State
Sent Packets
Send Bytes
Received Packets
Received Bytes
Using TCPView
TCPView is easy to use, basically all you need to do is open the program and that’s it. It will enumerate all active TCP and UDP connections resolving all IP addresses to their domain name versions. There is not a lot of configuration options within the program, its a a lightweight tool that’s ready to be run. A few options that can be changed is toggling the display of resolved names and you can change the refresh rate and which TCPView updates the connection status.
You can close established TCP/IP connections by selecting File -> Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.
In conclusion TCPView is a great tool for viewing TCP and UDP connections. Its small, easy to setup and very simple to use. I’ve used this tool several times to monitor TCP connections on an exchange server. Sometimes client connections do not get cleared out on the exchange server and need to be manually disconnected. This tool simplified the process and I was able to resolve customers outlook issues very efficiently.
Company: Microsoft
Website: http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx
