2009-07-23 03:28:43 +0000 2009-07-23 03:28:43 +0000
36
36

我怎样才能看到所有的活动连接?

我最近上网速度很慢,我想可能是受到了攻击。一个朋友告诉我使用Wireshark,但它是一个大的安装,我没有时间去学习如何使用它。有没有更简单的方法可以看到我电脑上所有的连接,以便我采取进一步的行动?

答案 (5)

55
55
55
2009-07-23 03:30:02 +0000

你要找的是netstat命令。这个命令应该可以提供你要找的内容:

netstat -a

如果你还想查看哪些程序正在使用指定的端口,你可以使用:

netstat -b

使用netstat程序:

  • 进入开始菜单(或按Win + r跳到第3步)
  • 如果是XP系统,点击 “运行",如果是vista或更高版本,在搜索框中搜索cmd,然后跳到第4步。
  • 输入cmd
  • cmd打开后,输入netstat -a
  • 将会显示出所有打开的连接及其端口的列表

更多关于netstat的信息:

C:\Documents and Settings\Administrator\>netstat /? Displays protocol statistics and current TCP/IP network connections. NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval] -a Displays all connections and listening ports. -b Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions. -e Displays Ethernet statistics. This may be combined with the -s option. -n Displays addresses and port numbers in numerical form. -o Displays the owning process ID associated with each connection. -p proto Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6. -r Displays the routing table. -s Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default. -v When used in conjunction with -b, will display sequence of components involved in creating the connection or listening port for all executables. interval Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.
14
14
14
2009-07-23 03:32:22 +0000

Sysinternals TCPView

我还建议运行AutorunsProcess Explorer,也是在Sysinternals Suite中,以帮助诊断你的问题。

1
1
1
2016-04-18 08:42:17 +0000

如果你想简单的查看一下Windows 7系统中哪些连接是饿了,那么调出任务管理器、性能选项卡、资源监控器、网络选项卡。

0
0
0
2009-07-23 04:04:46 +0000

Prio http://www.prnwatch.com/prio.html )作为Windows任务管理器的一部分,可以提供一个更新列表连接,并提供一些额外的上下文,可以帮助你了解正在发生的事情。

0
0
0
2009-07-23 06:08:23 +0000

另一个选择是Extensoft免费任务管理器扩展

你可以看到活动端口与正在使用的进程对齐。