For example, you can create a simple PowerShell script to track if the connection is established from the specific IP address to the specified local port and display a pop-up notification to the administrator. You can use the Get-NetTCPConnection cmdlet in various scenarious. If ($Connection.ProcessName -like $TrackProcessName) Path}}, OffloadState,CreationTimeįoreach ($Connection in $EstablishedConnections) $EstablishedConnections = Get-NetTCPConnection -State Established |Select-Object -Property LocalAddress, $_.RemoteAddress).NameHost}},RemoteAddress, RemotePort, -Id $_.OwningProcess). To do it, you can use the following PowerShell script: You can view only network connections initiated by the specific process. Get-WmiObject Win32_Service | Where-Object -Property ProcessId -In (Get-NetTCPConnection).OwningProcess | Where-Object -Property State -eq Running | Format-Table ProcessId, Name, Caption, StartMode, State, Status, PathName By the name of a parent process PID, you can display the list of related Windows services that are using the network:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |