CurrPorts 2.5: sent and received bytes added to program

Martin Brinkmann
Mar 12, 2018
Updated • Mar 13, 2018

CurrPorts 2.5, a new version of the program that lists open TCP/IP network ports and connections, lists sent and received bytes, and sent and received packets in its interface.

CurrPorts by Nirsoft was one of the first programs that I reviewed here on Ghacks Technology News. The first CurrPorts review dated back to November 2005, the second to 2010.

The application lists processes that with open ports or connections when you run it. It lists programs that you started, a web browser like Chrome or Firefox, but also processes that started automatically or are listening on specific ports.

The program serves two main purposes in my opinion. First, as a helper program to harden a Windows PC. Harden in this context means to close ports that are open but not required. Hardening requires research often as you may not know if you can close a port like 135 or how to close it when you come to the realization that closing it has no negative impact on the functionality of the PC.

CurrPorts 2.5

CurrPorts is a portable program that you may run right after you have downloaded it to the local system and extracted the archive it is distributed as.

Some functionality requires elevated privileges; right-click on CurrPorts to run the program with administrative rights.

Version 2.5 of CurrPorts introduces new data columns for sent and received bytes, and sent and received packets.

You need to run CurrPorts 2.5 with elevated rights to see the new columns. Nir Sofer notes that the new columns are only displayed if "auto refresh" is enabled and if "collect send/receive bytes information" is turned on; this is the case by default for both of the options.

CurrPorts displays lots of information in a table when you run it. You may need to scroll to the right to display the new data columns in the interface.

Note that you may reorder the columns using drag and drop, and also hide columns by right-clicking on a column and selecting "choose columns" from the context menu.

A left-click on a column header sorts the list of processes using that metric. You may sort by sent or received bytes to display the processes used to transfer the most bytes, or to list all processes with data transfers.

You can disable auto refresh at any time using Alt-D to block the program from refreshing the whole table. Another option that you have is to export the data to analyze it in a different program.

Closing Words

CurrPorts 2.5 introduces sent and received bytes and packets information which extend the use of the application even further. You may use the new functionality to list all programs with network traffic; useful in finding out which programs connect to a network or Internet, and in prioritizing the hardening process.

Now You: Have you used CurrPorts in the past? What's your take on the application?

Related articles

software image
Author Rating
4 based on 5 votes
Software Name
Operating System
Software Category
Landing Page

Tutorials & Tips

Previous Post: «
Next Post: «


  1. John in Mtl said on March 13, 2018 at 10:06 pm

    I prefer using Sysinternals “TCPView”, which has had that functionality since forever. I do however, like Nir Sofers’ programs a lot and his “curports” has been around as long as TCPView, and it works well.

  2. Anonymous said on March 12, 2018 at 8:55 pm

    Watch out for Windoze Defender on this one, tags it as a trojan and automagically deletes it as soon as you try to unzip the file.

    1. chesscanoe said on March 13, 2018 at 1:38 am

      In contrast to Defender, AVG Internet Security marked the install as suspicious. and completed its analysis in an hour or two with a message it was OK to install.

  3. Emil said on March 12, 2018 at 8:23 pm

    A good way to have all Nirsoft, Winternals etc tools ready and updated is called WSCC, check it out

    1. A different Martin said on March 13, 2018 at 10:12 pm


      Seconded, except that I’m pretty sure WSCC doesn’t cover *all* Nirsoft and Sysinternals tools: it excludes several that it and a whole bunch of anti-malware programs consider to be “hacking” tools. (And I guess they are, but not if *you* use them on *your own* computer.)

  4. 11r20 said on March 12, 2018 at 7:24 pm

    I may recommend this to a few people to check out.

    Am using the paid version of NetLimiter
    that has a connection killer on each separate
    application(that can be expanded, showing all
    and a kill switch on all).

    Wonder if CurrPorts runs off the Base Filtering Engine like NetLimiter does.

  5. Sebas said on March 12, 2018 at 3:22 pm

    Regular user of of cports. With cports I found out Waterfox connects every time with my Facebook blocking host file, even when all extensions are disabled.

    So for me it is very useful to see what connections different browsers make at startup. Thanks for the update.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.