It was a suggestion from a colleague who told me to try TCPView when I asked him about a tool to check SQLServer Connection instances created from a program that I was developing.
The problem was perplexing from a coding standpoint as the program was running out of memory due to excessive connections being created. All I need is to check whether my program is not forgetting to free any DB connection instances when it is terminated and this TCPView for windows give me what I need.
You can see TCPview in action in the following diagram, it’s not a complicated program to use but the information it provides is invaluable to any developer of client side software especially.

When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows NT, 2000 and XP systems TCPView shows the name of the process that owns each endpoint.

By default, TCPView updates every second, but you can use the View|Update Speed menu item to change the rate. Endpoints that change state from one update to the next are highlighted in yellow; those that are deleted are shown in red, and new endpoints are shown in green.
You can close established TCP/IP connections (those labeled with a state of ESTABLISHED) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.

If you want to see who owns the domain registered for a remote address, select the item containing the name and choose Whois from the context menu or the File menu. You can save TCPView’s output window to a file using the Save menu item.    For any computer connected to the internet, you’ll almost certainly be surprised about some of the connections it identifies.  You’ll see your computer probably making a host of outbound connections that you don’t recognize, many of these will be completely legitimate.  However it’s often surprising to see  how much of your network resources are being utilized by programs which you may rarely use. Anything from that paint program to that free VPN trial you tested several years ago!

One of the most common examples is programs and applications which allow themselves to make outbound connections in order to keep them selves updates.  For instance, even Windows will check regularly for security patches and updates which can be installed automatically or on user demand.  The Windows update can be configured to function in the role the user prefers, although it’s default is to check, download and install automatically.   Other programs are not so configurable, and you’ll often find some long forgotten application downloading and installing huge updates in the background.

In corporate networks these updates can be managed centrally more efficiently, by downloading the update and distributing it from an update server.   These can usually be stored on proxies, which you may be familiar with from privacy protection servers like sneaker or rotating proxies like in this post –, you can do this on your home network but it does takes significant effort and some coding skills to manage updates outside the primary OS ones.

Leave a Reply

Your email address will not be published. Required fields are marked *