Mon, Jan 02, 2017 10:42 pm

Determining the program that is connecting to specific IP addresses

While troubleshooting a network issue using the free and open source (FOSS) network analyzer Wireshark, I noticed connections to IP addresses that I thought might be associated with adware sites. The connections were occurring from a Microsoft Windows 10 system. I suspected that the connections were occurring via a browser tab that was open to a website within the K-Meleon web browser, but I wanted to confirm that was the case and then, if it was, to attempt to identify the particular tab open in the browser and the web page that was responsible for the traffic, since there were several tabs open in the browser. There were also other browsers open on the system with multiple windows and tabs, so I might also need to check the tabs open in those browsers.

To see all of the connections to websites on the HTTP port, which is the well-known port 80, I can open a command prompt window, run the netstat command as netstat -an, and then pipe its output into the find command, looking for ":80". The -a option shows all connections and listening ports, and the -n option displays addresses and port numbers in numeric form rather than resolving them to host and service names, such as http.
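A caveat with searching for ":80" as a substring: it also matches ports such as 8080 or a local port like 8011, and it matches a local listener on port 80. The following added example (not part of the original post) parses netstat output exactly and groups remote-port-80 connections by owning process ID. It assumes the -o option is added to the command (netstat -ano) so that a PID column is present; the sample output is constructed and uses documentation address ranges.

```python
import re
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not captured from a real system).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    192.168.0.5:49801      203.0.113.10:80        ESTABLISHED     5120
  TCP    192.168.0.5:49802      203.0.113.10:80        TIME_WAIT       0
  TCP    192.168.0.5:49803      198.51.100.7:8080      ESTABLISHED     7344
  TCP    192.168.0.5:8011       198.51.100.9:443       ESTABLISHED     7344
  TCP    [2001:db8::5]:49804    [2001:db8::80]:80      ESTABLISHED     5120
  UDP    0.0.0.0:5353           *:*                                    1832
"""

# TCP rows have five columns: proto, local, foreign, state, PID.
ROW = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*$")


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' on the last colon."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def naive_match_count(netstat_text, needle=":80"):
    """Number of lines a plain substring search for ':80' would return."""
    return sum(needle in line for line in netstat_text.splitlines())


def remote_port_connections(netstat_text, port=80):
    """Map PID -> [(remote host, state)] for TCP rows whose remote port is `port`."""
    by_pid = defaultdict(list)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        _local, foreign, state, pid = m.groups()
        host, remote_port = split_endpoint(foreign)
        if remote_port == port and state != "LISTENING":
            by_pid[int(pid)].append((host, state))
    return dict(by_pid)


if __name__ == "__main__":
    print("substring matches:", naive_match_count(SAMPLE))
    for pid, conns in remote_port_connections(SAMPLE).items():
        print(pid, conns)
```

A PID found this way can be mapped to a program name with tasklist /FI "PID eq <pid>". Connections in TIME_WAIT are reported under PID 0 because the owning process has already closed the socket.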

