TamoSoft: Network Analysis Tools & Security Software
Contents

LAN Analyzer and Protocol Decoder - CommView
Site Survey Tool - TamoGraph Next Page
 
Introduction
About CommView
What's New
Using the Program
Overview
Selecting Network Interface for Monitoring
Latest IP Connections
Packets
Logging
Viewing Logs
Rules
Advanced Rules
Alarms
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Scheduler
Using Remote Agent
Using RPCAP
Capturing Loopback Traffic
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Introduction
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations
Endpoints
Errors
Call Logging
Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Capturing High Volume Traffic
Working with Multiple Instances
Running CommView in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
Information
How to Purchase CommView
Contacting Us

Latest IP Connections

This tab is used for displaying detailed information about your computer's network connections (IP and IPv6 protocols only). To start capturing packets, select File = > Start Capture in the menu, or click on the corresponding button on the toolbar.

 

ipconnections

 

The meaning of the table columns is explained below:

 

Local IP – shows the local IP address. For inbound packets, it is the destination IP address; for outbound and pass-through packets, it is the source IP address.

Remote IP – shows the remote IP address. For inbound packets, it is the source IP address; for outbound and pass-through packets, it is the destination IP address.

 

The program automatically determines the location of any IP address, and depending on your geolocation settings, may show the country name or flag next to the IP address. For more information see Setting Options.

 

In – shows the number of packets received.

Out – shows the number of packets sent.

Direction – shows the session direction. The direction is determined based on the direction of the first packet received from or sent to the remote IP address.

Sessions – shows the number of established TCP/IP sessions. If no TCP connections were established (connections failed, or the protocol is UDP/IP or ICMP/IP), this value is zero.

Ports – lists the remote computer's ports used during the TCP/IP connection or connection attempt. This list can be empty if the protocol is not TCP/IP. Ports can be displayed either as numeric values or as the corresponding service names. For more information see Setting Options.

Hostname – shows the remote computer's hostname. If the hostname cannot be resolved, this column is empty.

Bytes – shows the number of bytes transmitted during the session.

Last packet – shows the time of the last packet sent/received during the session.

Process – shows the process on your computer that sends or receives packets in the session. Mapping packets to processes only works for incoming and outgoing packets, as CommView cannot be aware of processes running on other computers that send or receive packets. Naturally, there may be several applications on the local computer exchanging data with a remote computer, so the Latest IP Connections tab only shows the latest process that sent or received data for this particular pair of IP addresses. If you would like to map a process to a particular packet, you can see this information in the decoded packet tree in the Packets tab. CommView can display the full path to the process that sent or received packets, check the Display full process path checkbox in Settings => Options, General tab to enable this feature. When working in remote monitoring mode through Remote Agents, this column displays the IP address or the hostname of the Remote Agent from which the packets are being received; no process names will available. Please note that on some operating systems, this column will list process names only after you reboot the computer after the CommView installation.

 

You can show or hide individual columns by right-clicking on list header or using the View => Latest IP Connections Columns menu. The column order can be changed by dragging the column header to a new location.

 

 

Menu Commands

 

Right-clicking on the Latest IP Connections list brings up a menu with the following commands:

 

Quick Filter – finds the packets sent between the selected IP addresses and displays them in a new window. The same action is performed when you double-click on this window.

Copy – copies the local IP address, remote IP address, or hostname to the clipboard.

Show All Ports – displays a window with the complete list of ports used in communicating between the selected pair of IP addresses. This is useful when many ports were used, and they don't fit into the corresponding column.

Data Transfer – displays a window with information on the data transfer volume between the selected pair of IP addresses and the time of the last packet.

Jump To – allows you to quickly jump to the first/last packet with the selected source/destination IP address; the program will display the Packets tab and set the mouse cursor to the packet that matches the criterion.

SmartWhois – sends the selected source or destination IP address to SmartWhois, if it is installed on your system. SmartWhois is a stand-alone application developed by our company capable of obtaining information about any IP address or hostname in the world. It automatically provides information associated with an IP address, such as domain, network name, country, state or province, city. The program can be downloaded from our site.

Create Alias -- brings up a window where you can assign an easy-to-remember aliases to the selected IP address.

Process – allows you to obtain additional information about or perform actions with the process that sends or receives packets in the selected session. You can Terminate a process, see the File Properties dialog, or have the program Show Full Path to process' executable file.

Save Latest IP Connections As – allows you to save the contents of the Latest IP Connections tab as an HTML or a comma-delimited (CSV) report.

Clear Latest IP Connections – clears the table.

More Statistics  - shows a window with data transfer and protocol distribution statistics.