How can I monitor the TCP traffic to a port for a given IP?

tcp

What I need to see is the TCP messages sent to a port for a given IP. So for example

127.0.0.1:11000

How can I see all the TCP messages being sent to that port?

This has to work with Windows, either Windows 2003 or XP

I have tried WireShark, but I don't know the proper filter.

The soluiton does not have to wireshark, but the solution must cost nothing.


The filter language for Wireshark is taken from tcpdump/pcap-filter. Please click on the link for a reference.

So, for example, to filter on all messages with destination 127.0.0.1:11000 you would use the following expression: tcp port 11000 and dest host 127.0.0.1.


Wireshark traffic filters are explained here : http://www.wireshark.org/docs/wsug_html_chunked/ChCapCaptureFilterSection.html

Basically in your case, you need

tcp port 11000 and host localhost

The wireshark expression is ip.addr == 127.0.0.1 and tcp.port == 11000

Also, you could use Microsoft Network Monitor 3.3, which might look a little more familiar. The display (or capture -- syntax is the same) filter for that would be: TCP.DstPort == 11000 and Ipv4.Address == 127.0.0.1

Related

Can you download Hyper-V?
Providing high availability and failover using MySQL on EC2
Why are there two backplane connectors inside a Dell poweredge r410?
How to launch a process after some period of inactivity in Windows?
Difference between CurrentClockSpeed and MaxClockSpeed
How do I reset all BITS jobs from PowerShell?
Distributed Server Monitoring Solution [closed]
Why is ksoftirqd using 100% of the CPU?
Linux Teamviewer functionality, but for ssh only
RAID Read/Write Speed Gradually Slows
how to configure ISPConfig for mod_python or mod_wsgi? [closed]
Laptop Backup Software (Corporate)?