There are times where you want to monitor if a program connects to the Internet. Maybe you have just downloaded it and want to check if it connects to servers on the Internet.
This can be used to check if a program is phoning home for instance, or if it is making connections on its own without being initiated by you.
There are quite a few ways to monitor this, but there is none that is enabled by default on Windows. While you can make sure that no connection slips by, for instance by configuring strict outbound rules in the firewall or running a network monitor 24/7, it is often not helpful if you want to gain a quick overview as analysis and setup are usually complex time consuming processes.
I like to use Nir Sofer's CurrPorts application to check a program's Internet activity fast. While it is not as elegant as a network monitor that grabs every bit of traffic, it is very easy to use.
The program is portable and available as a 32-bit and 64-bit version. All you need to do is download it to your system, extract the archive once done, and run the single executable file that is in the target directory.
The program displays all established connections in its interface. You can easily sort the display by process name or, and that is better, drag the target icon (fourth from the left) on the application window to limit the data to it.
As you can see on the screenshot above, CurrPorts displays the remote address of every connection. It displays additional information such as the target hostname as well as time and date of the connection.
You can refresh the display manually with a click on the refresh button or hitting F5 on the keyboard, or enable the program's auto-refresh feature to have it update the data automatically in select intervals.
Once the data is displayed to you, you may want to analyze it to find out if it is legit or not. If you monitor Google Chrome for instance, you will notice that it makes many connections to Google servers regularly. In fact, all connections displayed on the screenshot above are to Google servers.
Suggested course of action
If you want to find out more about the connections that the program made, you need to look up IP addresses or hostnames.
While that is sometimes easy to answer, for instance if a program makes a connection to a company not related to it in any way, it can be difficult at times, for instance when Chrome makes connections to Google.
You cannot use CurrPorts to find out more about those connections. You do have a few options however:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.