Port Reporter Tool Available

[Kevin D. Goodknecht [MVP]]

This may be somewhat off topic, but I thought that since this tool logs all
TCP & UDP port activity giving the source and destination IP and can be used
to log DNS activity I thought I would post this here.
It has more functionality on Win2k3 but it also works on Win2k using logs
similar to IIS log files. I wouldn't recommend using it long term because it
does require quite a bit of disk activity on an Active Directory Domain
Controller since AD communicates using TCP/IP. But if you have some strange
activity and want to log this activity using log file format this tool may
help.
837243 - Availability and description of the Port Reporter tool:
http://support.microsoft.com/default.aspx?scid=kb;en-us;837243

 

[the confused]

thanks Kevin I will try it...

 

[Ace Fekay [MVP]]

This may be somewhat off topic, but I thought that since this tool logs all
TCP & UDP port activity giving the source and destination IP and can be used
to log DNS activity I thought I would post this here.
It has more functionality on Win2k3 but it also works on Win2k using logs
similar to IIS log files. I wouldn't recommend using it long term because it
does require quite a bit of disk activity on an Active Directory Domain
Controller since AD communicates using TCP/IP. But if you have some strange
activity and want to log this activity using log file format this tool may
help.
837243 - Availability and description of the Port Reporter tool:
http://support.microsoft.com/default.aspx?scid=kb;en-us;837243

Thanks Kevin.

Too bad it's not in realtime. Wonder if there's a realtime version of it?

Ace

 

[Kevin D. Goodknecht [MVP]]

In

Thanks Kevin.

Too bad it's not in realtime. Wonder if there's a realtime version of
it?

Ace

Hmm, interesting.
My Wingate firewall can log in realtime, all I have to do is add a rule to
report when TCP & UDP ports 1 - 65535 are accessed.

 

[Ace Fekay [MVP]]

Hmm, interesting.
My Wingate firewall can log in realtime, all I have to do is add a rule to
report when TCP & UDP ports 1 - 65535 are accessed.

There are also 3rd party tools as well that will do it in realtime for
Windows, but the one I was thinking of escapes me at the moment. With this
tool, you need to review the logs after the fact. Cisco throws the logs up
on the screen as they occur, such as Wingate, but it would be nice if
PortQry will do that too. Foundstone has some nice tools too, such as fport
that will tell you what ports are listening and opened by what app, but
doesn't go as far as this MS tool does.

--
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[tito]

With Foundstone FPort utility I have no information what ports are in
use on Win2k Server. I've tried as well vision app from their web site
at

http://www.foundstone.com/index.htm...ation.htm&subcontent=/resources/freetools.htm

but this tool probably is just GUI to FPort.

This is not case with WIN2K Pro.

 

[Ace Fekay [MVP]]

In

With Foundstone FPort utility I have no information what ports are in
use on Win2k Server. I've tried as well vision app from their web site
at

http://www.foundstone.com/index.htm...ation.htm&subcontent=/resources/freetools.htm

but this tool probably is just GUI to FPort.

This is not case with WIN2K Pro.

True... I know there's another one out there....


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory