NetSpeedMonitor – A Double Duty Network Monitoring Tool

Regular readers here will remember, that I’m an advocate of utilities which provide users with the capability to double check which of their applications are connecting to the Internet – including the capability to monitor open ports and Internet connections.

CurrPorts is my tool of choice, since it allows me to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports.

Recently, I came across a neat little application (free – but donations are encouraged), which duplicates some of the features of CurrPorts but in addition, includes a number of secondary capabilities which should be of interest to those users who need to monitor their data consumption on a session, daily, or monthly basis.

Directly after installation, NetSpeedMonitor sits in the system tray and displays data on current upload/download speeds – as shown in the following screen capture.

Hovering over the the NetSpeedMonitor icon generates addition data – Month/Day/Session.

Better yet, right clicking on the icon allows a user access to supplementary data from an expandable fly-out menu.

In the following example, I’ve selected “Network Connections” and its submenu, for illustrative purposes.

Again, from the fly-out menu, I’ve selected “Connections” and……..

…. the data displayed includes – TCP and UDP connections (established, listening, or closed), remote address, process ID for each connection, and the application/s using the connection/s.

Overall assessment – a cool little application that generates data which should prove valuable for those users who have a need to keep an eye on data caps or, users who have a need to monitor ports and connections.

System requirements: Windows XP, Server 2003, Vista, Win 7 (with a little finagling I ran the application on Win 8).

Languages: NetSpeedMonitor is available in multiple languages including, English, German, Spanish, Italian, and Russian.

Download at: Developer’s site.

System Explorer and System Security Guard – A Review

Depending on which version of Windows Task Manager you use, you may find that it provides you with usable information – or not. Windows Task Manager is most commonly used to display information on all processes running on your computer, as well as advising you of the CPU and memory usage stats for a given process. Additional selective information on running applications, performance, local area connection and information on users, is also available.

But, back to running processes for a moment. What if you need additional information on a running process – or, processes? How, for example, would you determine which processes are safe if you rely on Windows Task Manager?

Running Windows Task Manager in Windows 8 (a major improvement over previous versions), as I’ve done for the following example, is not particularly useful since the only option is a raw online search. Which, in a real sense, is a hit and miss affair. Give it a try with your version of Windows Task Manager – you might be surprised to see just how cumbersome it is.

Instead, taking advantage of one of the built-in features in the freeware application, System Explorer, is a much more appropriate solution. In the following example, the selected process can easily be checked at VirusTotal, and at VirusScan, directly from within System Explorer.

It’s unlikely however, that you’ll have to take this extra step – since System Explorer has been designed to automatically rate, and provide details on processes that are listed in the developer’s extensive database.

Further information can be obtained by clicking on the “See More Details” link which will open the database reference at the developer’s site, as shown below.

System Explorer is not a one-trick pony since it has the capacity to provide detailed information on Tasks, Processes, Modules, Startups, IE Add-ons, Uninstallers, Windows, Services, Drivers, Connections and Opened Files. For this review I’ve focused on the security aspect and next up is System Explorer’s “Security Scan” which is easily launched from the GUI.

As you can see in the following screen capture – running processes are checked online against the developer’s extensive database.

The following screen capture shows a small portion of the 808 processes compared against the developer’s database.

Additional information on any specific process can easily be obtained by clicking on the “Details” link, as illustrated below.

One aspect of this application which I found intriguing is the “History” function. Running this function allows the user to view and develop information on currently running processes as well as those process running earlier but which are no longer running.

System requirements: Windows XP, Vista, Win 7.

Download at: System Explorer Net

Note: also available in a portable version that is just right for geeks on the go.

System Security Guard

System Security Guard, in a broad sense, is very much like the “Security Scan” built into System Explorer. System Security Guard however, as a stand alone small security utility, is designed to run at system startup and automatically scan running processes. As well, all new processes, as they are launched, are scanned.

The results of the initial run with System Security Guard shown below.

For this review I set the application to run at startup, and the following graphic represents the results following a week or so of automatic running. You’ll note that the application has identified 4 “Threat Files” – which, in reality, is the same file which has been flagged 4 times (each time the application was launched).

The application (CurrPorts), was flagged for good reason since it behaves in a way similar to that of a remote access Trojan. That is – it connects to the Internet in a peculiar way.

For illustrative purposes only, I ran the file against the developer’s database. However, since I use this application frequently throughout the day, I’m aware that this is a safe program.

System requirements: Windows XP, Vista and Win 7.

Download at: the developer’s site.

A big “Thank You” to regular reader Charlie L. for referring me to these applications.

Who’s Phoning Home On Your Internet Connection? Find Out With CurrPorts and, Process and Port Analyzer

There’s not much point (from a cybercriminal’s perspective), in infecting a computer with malware unless the information which it’s been designed to capture, ends up in the nasty hands of the criminal.

Generally speaking then, it’s reasonable to say that the most important function of malware (again, from a cybercriminals perspective) is to “phone home” with the information it’s been designed to steal. It’s hardly surprising that much of the malware infecting the Internet does just that.

You can, if you like, trust that your AV solution will tip you off to any nasty behavior occurring in the background. But, as a follower of  the “better safe than sorry” school of thought, trusting in any AV solution to safeguard my systems in all instances, just doesn’t compute with me. There are no perfect AV solutions.

All to often, “new” malware has already rampaged through the Internet (despite the best AV providers have to offer), before average users become aware. As a result, I’ve long made it a practice to monitor my open ports and Internet connections frequently, throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming – it often takes no more than a few seconds. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

There are a number of free real-time port analyzers available for download, and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application (keep in mind, that malware, for all practical purposes – is an application) that is using those ports. You can close a selected connection as well as terminating the process using it.

In addition, you can export all, or selected items, to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Shown in this screen capture – Browser is not running. No remote connections. Looks like I’m safe.

Shown in this screen capture – Browser is running. Thirty remote connections, all of which are legitimate.

Fast Facts:

View current active ports and their starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: NirSoft (you’ll need to cursor down the page to the download link).

Next up:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Fast Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: http://sourceforge.net

Netstat:

Windows includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

In Windows 8 – type “cmd” at the Metro screen.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type Netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The Netstat -s option shows all protocol statistics.

The Netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

Home Networking – Getting Started

Guest article by Mila Johnson

When computers first started becoming a normal part of the home, like a TV or VCR, networking was simply unheard of. After all, one computer was expensive enough and could do it all. Who in their right mind would have the budget, or the need, to have two or more computers?

How times have changed. Now – you might have a desktop for the kids’ homework, a laptop for your job, tablet PCs just for fun – and, maybe even a home media computer connected to the TV.

Computers have gotten cheaper and more necessary – and now, networking home computers is a must.

So how is it done?

Router

The first thing necessary to network home computers is a router. Home routers are getting cheaper all the time and are even more affordable with manufacturer discounts like HP coupon codes.

A router will connect the home network to the ISP’s modem, though sometimes the modem and router are combined in one piece of hardware provided by the ISP. Most routers today, have both wired and wireless components.

Wired or Wireless?

Wireless routers usually do have a handful of wired connections that can be used along with the wireless component. Home computers that will be stationary and located close to the router should be connected directly while portables like laptops and tablets should connect to the wireless network.

Both connections have pros and cons. Wireless is more convenient but, has a slower connection while wired is just the opposite.

Connections

Once computers are on the network, users can “see” each other’s computers via the Network link on the desktop or Control Panel. The easiest way to manage access is to establish local user accounts on each computer.

Since you’re not using a centralized server to control accounts, duplicate accounts with the same passwords need to be created on all computers. Once accounts are established, users can access each other’s computers, map drives and create links. Keep in mind that changing an account password on one computer necessitates changing it on the rest.

Security

Once all the home computers, laptops and tablets have been connected and corresponding user accounts have been created, it’s time to manage file security. After all, if you wanted to leave all files set to be accessed by the “Everyone” user group, there’s be no need to create accounts in the first place.

To manage file and folder security, the creator needs to right-click a file or folder and select “Properties.” Under the “Security” tab, users can be added or deleted and their level of permission can be adjusted. Users can be allowed read only, read write or outright denied.

Wired and wireless networks are now an integral part of our home lives. Homeowners who have multiple devices without properly networking them, however, are missing out on a lot of functionality. Adding user accounts and managing security allows home computer families to share files, work smarter and get the most out of their computer equipment.

Guest writer Bio – Mila Johnson is a freelance writer and blogger – with a passion for technology. When she is away from her computer, she enjoys the sport of kick boxing.

Who’s Using Your Ports? Find Out With These Free Port Analyzers

As a savvy Internet user you are well armed when it comes to ensuring your system is not open to compromise, or exploitation, by malware.

You have protected your machine with an appropriate defense system including a Firewall (either software or hardware), sound and effective antimalware applications (including anti-virus and antispyware), anti-keylogger, and an additional protection layer against zero-day threats with the installation of an application such as ThreatFire.

But, you can take your existing defense system to another level by installing a small application which will provide you with the tools you need to analyze the activity on your ports.

There are a number of free real-time port analyzers available for download, and the following is a brief description of two such applications.

If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process are covered later in this article.

But first:

Process and Port Analyzer 2

Process and Port Analyzer 2 is a real time process, port, and network connections analyzer, which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Quick Facts:

View currently running processes along with the full path and file which started it.

View the active TCP Listeners and the processes using them.

View the active TCP and UDP connections along with Process ID.

Double click on a process to view the list of DLL’s.

Download at: Download.com

CurrPorts

CurrPorts allows you to view a list of ports that are currently in use, and the application that is using it. You can close a selected connection and also terminate the process using it.

As well, you can export all, or selected items to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Quick Facts:

View current active ports and there starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: Download.com

Netstat:

Windows includes a command line utility which can help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process, if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The netstat -s option shows all protocol statistics.

The netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers. A very good source of information is Steve Gibson’s website, Shields Up, where you can test all the ports on your machine, as well as testing the efficiency of your Firewall. Take the Firewall test; you may be surprised at the results!

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

2 Free Port Checkers – CurrPorts and Process and Port Analyzer

If I was a malware writer, and some days I wonder why I’m not since it’s so easy, the most important function of the malware would be to “phone home”, with the information I had targeted to steal. There’s nothing unusual about this, since much of the malware currently infecting the Internet does just that.

So, keeping that in mind, when I have an issue on one of my home machines, and occasionally I do, the very first thing I check is the state of the ports on that machine. Actually, since I’m involved in Internet security, I monitor my open ports and Internet connections frequently throughout a browsing session.

At first glance you might think port checking is time consuming and not worth the effort. But it is worth the effort, and it’s not time consuming. More to the point, in my view, it is a critical component of the layered defense approach to Internet security that regular readers of this site are familiar with.

I don’t want to shatter any illusions  for those of you who believe that the Internet is “free” but, when running a port checker, you might be unpleasantly surprised at the number of ad servers that hold open ports on your machine.

There are a number of free real-time port analyzers available for download and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process, are covered later in this article.

But first:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Quick Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: Download.com

CurrPorts (this is the port tool I use daily), allows you to view a list of ports that are currently in use, and the application that is using it. You can close a selected connection and also terminate the process using it. As well, you can export all, or selected items to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Quick Facts:

View current active ports and there starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: Download.com

Netstat:

Windows XP includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process, if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The netstat -s option shows all protocol statistics.

The netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers.

Steve Gibson’s website, Shields Up, is a terrific source of information where you can test all the ports on your machine as well as testing the efficiency of your Firewall. I recommend that you take the Firewall test; you may be surprised at the results!

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Port Testing With Process And Port Analyzer, CurrPorts and Netstat

Each time that you connect to the Internet you are wandering through a raucous neighborhood which has a reputation for being jam-packed with predators.

These predators are intent on stealing your money and personal information, installing damaging programs on your computer, or misleading you with an online scam.

As a savvy Internet user you are, most likely, generally well armed when it comes to ensuring your system is not open to compromise, or exploitation, by malware in the wild.

It is probable you have protected your machine with an appropriate defense system including a firewall (either software or hardware), a sound and effective malware suite (including anti-virus and spyware), and an additional protection layer against zero-day threats with the installation of an application such as ThreatFire, a free application developed by PC Tools.

But you can take your existing defense system to another level by installing a small application which will provide you with the tools you need to analyze the activity on your ports.

There are a number of free real-time port analyzers available for download and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process are covered later in this article.

But first:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Quick Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: Download.com

CurrPorts allows you to view a list of ports that are currently in use, and the application that is using it. You can close a selected connection and also terminate the process using it. As well, you can export all, or selected items to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Quick Facts:

View current active ports and there starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: Download.com

Netstat:

Windows XP includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process, if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The netstat -s option shows all protocol statistics.

The netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers. A very good source of information is Steve Gibson’s website, Shields Up, where you can test all the ports on your machine as well as testing the efficiency of your Firewall. Take the Firewall test; you may be surprised at the results!

Another Layer of Internet Safety – Probe Your Ports

Each time that you connect to the Internet you are wandering through a raucous neighborhood which has a reputation for being jam-packed with predators. These predators are intent on stealing your money and personal information, installing damaging programs on your computer, or misleading you with an online scam.

As a savvy Internet user you are, most likely, generally well armed when it comes to ensuring your system is not open to compromise, or exploitation, by malware in the wild.

It is probable you have protected your machine with an appropriate defense system including a firewall (either software or hardware), a sound and effective malware suite (including anti-virus and spyware), and an additional protection layer against zero-day threats with the installation of an application such as ThreatFire 3, a free application developed by PC Tools.

But you can take your existing defense system to another level by installing a small application which will provide you with the tools you need to analyze the activity on your ports.

There are a number of free real-time port analyzers available for download and the following is a brief description of each. If you are familiar and comfortable with using the Windows command structure, then you may want to try the command line utility Netstat, which displays protocol statistics and current TCP/IP connections. This utility and the process are covered later in this article.

But first:

Process and Port Analyzer is a real time process, port and network connections analyzer which will allow you to find which processes are using which ports. A good little utility that does what it says it will do.

Quick Facts:

View currently running processes along with the full path and file which started it

View the active TCP Listeners and the processes using them

View the active TCP and UDP connections along with Process ID

Double click on a process to view the list of DLL’s

Download at: Download.com

CurrPorts allows you to view a list of ports that are currently in use, and the application that is using it. You can close a selected connection and also terminate the process using it. As well, you can export all, or selected items to an HTML or text report. Additional information includes the local port name, local/remote IP address, highlighted status changes and more.

Quick Facts:

View current active ports and there starting applications

Close selected connections and processes

Save a text/ HTML report

Info on local port name, local/remote IP address, highlighted status changes

Download at: Download.com

Netstat:

Windows XP includes a command line utility which will help you determine if you have Spyware/Botware running on your system. Netstat displays protocol statistics and current TCP/IP connections.

I use this utility as a test, to ensure that the anti-malware tools and Firewall running on my systems are functioning correctly, and that there are no open outgoing connections to the Internet that I am not aware of.

How to use Netstat:

You should close all open programs before you begin the following process, if you are unsure which ports/connections are normally open while you are connected to the Internet. On the other hand, if you are familiar with the ports/connections that are normally open, there is no need to close programs.

There are a number of methods that will take you to a command prompt, but the following works well.

Click Start>Run>type “cmd” – without the quotes>click OK> this will open a command box.

From the command prompt, type Netstat –a (be sure to leave a space), to display all connections and listening ports.

You can obtain additional information by using the following switches.

Type netstat -r to display the contents of the IP routing table, and any persistent routes.

The -n switch tells Netstat not to convert addresses and port numbers to names, which speeds up execution.

The netstat -s option shows all protocol statistics.

The netstat-p option can be used to show statistics for a specific protocol or together with the -s option to show connections only for the protocol specified.

The -e switch displays interface statistics.

Running Netstat occasionally is a prudent move, since it allows you to double check which applications are connecting to the Internet.

If you find there are application connections to the Internet, or open ports, that you are unfamiliar with, a Google search should provide answers. A very good source of information is Steve Gibson’s website, Shields Up, where you can test all the ports on your machine as well as testing the efficiency of your Firewall. Take the Firewall test; you may be surprised at the results!