How to determine what app is generating network traffic?

Open Command Prompt (cmd.exe), execute

netstat -b

and look for 'ESTABLISHED' connections. Add -n to disable name resolution.
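As an added example (not part of the original answer): a small Python parser that groups the ESTABLISHED connections in saved `netstat -bn` output by owning executable. The sample text is constructed, using documentation-range addresses, and `established_by_process` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample of `netstat -bn` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.0.2.10:49712       198.51.100.7:443       ESTABLISHED
 [chrome.exe]
  TCP    192.0.2.10:49720       203.0.113.5:443        ESTABLISHED
  WpnService
 [svchost.exe]
  TCP    192.0.2.10:49731       198.51.100.9:80        TIME_WAIT
  TCP    192.0.2.10:49733       203.0.113.20:5228      ESTABLISHED
 Can not obtain ownership information
  TCP    192.0.2.10:49740       198.51.100.7:443       ESTABLISHED
 [chrome.exe]
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")

def established_by_process(text):
    """Map each executable to the remote endpoints of its ESTABLISHED connections."""
    result = defaultdict(list)
    pending = None  # remote address of the last ESTABLISHED line, awaiting its owner

    def flush(owner):
        nonlocal pending
        if pending is not None:
            result[owner].append(pending)
        pending = None

    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            flush("(unknown)")  # previous connection never got an owner line
            pending = m.group(3) if m.group(4) == "ESTABLISHED" else None
            continue
        o = OWNER.match(line)
        if o:
            flush(o.group(1))  # "[name.exe]" closes the current connection
        elif "ownership information" in line:
            flush("(unknown)")  # netstat could not resolve the owner
        # any other line (e.g. a service/component name) is skipped
    flush("(unknown)")
    return dict(result)

if __name__ == "__main__":
    for exe, remotes in sorted(established_by_process(SAMPLE).items()):
        print(f"{exe}: {', '.join(remotes)}")
```

Connections listed under "(unknown)" are the ones netstat could not attribute; running netstat from an elevated prompt usually resolves them.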


The question is for Windows XP, but I arrived here through Google looking for info on later Windows versions. If you're running Windows 7 or later:

  1. Start Task manager (right click taskbar and choose Task manager)
  2. Switch to the "Performance" tab
  3. Click "Open Resource Monitor" at the bottom.

    (or)

    Press Win+R and type resmon

  4. Expand the "Network" section and wait for it to update.


I'm guessing this would be similar to sgmoore's Process Monitor answer, but we can now do this with a built-in tool in Windows 8.


netstat -ab

That will give you all TCP and UDP ports along with the respective executables involved in the communication.

For a more visual indication of your current connections you may want to search for network monitoring tools, or you probably have one available already if you are using a personal firewall the likes of Comodo.

Here are two such tools:
A Visual Netstat (Thaddy's Netstat)
Net Tools 5.0 (a suite of monitoring and information tools)


Another handy method if you do not have huge network traffic is Sysinternals Process Monitor, which can be configured to monitor network traffic. It can be left running and should show what applications are accessing the network and the address/ipsite they are calling.