Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: MS Releases free port Logger

  1. #1
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834

    MS Releases free port Logger

    Called "Port Reporter" MS released a tool to log port activity on new generation OS platforms. It runs as a service in the background and logs access to ports and can profile usage.

    Check it out here for the executable.

    The Port Reporter tool logs TCP and UDP port activity. The tool is a small program that runs as a service on a computer that is running Windows Server 2003, Windows XP, or Windows 2000.

    On Windows Server 2003 and on Windows XP-based computers, the service can log the following information:
    The ports that are used
    The processes that use the port
    Whether a process is a service
    The modules that a process loaded
    The user accounts that run a process
    Full Overview

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Ha!
    Following the instructions that was provided here.

    Just installed it, started the service, went to look at event logs and they are all corrupt!
    They were just fine this morning... I looked at them just 10 min ago...

    Anyone else have that problem?

    BTW: I'm on XP Pro SP1, all available critical updates.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Hi Phish, I have same config.

    NO Issue here, you did install as local box admin?

    No insallation errors? There were about six different "Process Complete" dialogs on my install.

    Did the event viewer get corrupt before or after starting the service? The default install is set to manual start.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I did install as local admin. I didn't check the event log after install. Just after I started the service. The system and app logs are corrupt. Not the security log.

    I can't tell if there were any installation errors because the logs are corrupt. But, at time of install, it didn't display any.

    Maybe I'll do a system rollback and try it again.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    No problems here Phissy. I looked over all three logs it created and the Event Viewer entries. All worked as described.

    However, I popped it on a Win2003 server, not an XP workstation.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Yes here too, Nothing in the app log but the successful start of the service.

    Perhaps you can check the port reporter logs in system32/log files and see if it's a corrupt install? That thing can generat some significant log files for security profiling. Preliminary analysis indicates a useful tool.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Ok, finally got it working. I had to do a system roll back, then I reinstalled it just fine.

    The logs are pretty good. Better than the scripts that I made with fport, netstat and pstools...

    Cool little program.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Junior Member
    Join Date
    Dec 2003
    Posts
    8
    Looks like a usefull tool!
    Has anyone used it on a dual nic W2k MS ISA Server?
    [glowpurple]Which is more powerfull, knowledge or imagination?[/glowpurple]

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Can it log any other protocol usage, or just TCP/UDP?
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  10. #10
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    "The Port Reporter tool logs TCP and UDP port activity"


    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •