How to check what connections a given process has created to the internet

Question

I mean, if you use tools like NetLimiter, they let you know that a given process that connections to IP1, IP2, etc. I am using packet sniffing for my application, but I only need to packet sniff one application, so I'd like to know to what ip addresses that application is connected. Any easy way to do this? I am using a wrapper for WinPCap.

edit: After googling I came to know about the -netstat -bno command. It seems to do what I want, but I'd like to know if there are any specific functions do do it. Otherwise, I'll use this.

edit2: w i n d o w s !

Answer 1

What platform are you on? I assume Windows?

Answer 2

If you are on Linux you can say "netstat -nap" which will list open network and UNIX domain sockets.

Also you can read info like this from /proc/net/tcp and /proc/net/udp. This page http://linuxdevcenter.com/pub/a/linux/2000/11/16/LinuxAdmin.html should get you started.

Answer 3

As you suggest, use the windows equivalent;

netstat -abnot

Answer 4

Take a look at GetExtendedTcpTable(), and it's related listed functions. C or C++, I imagine the VB equivs have similar names if your taste is VB.

http://msdn.microsoft.com/en-us/library/aa365928%28VS.85%29.aspx