MetalguyX

TCP / IP logs ?

9 posts in this topic

I need to see the last logs of TCP/IPs connected to me, any programs or? Don't need to see this moment's IPs, TCPs, netstats etc. No... need to see logs from the past... Using Windows Vista, hate it but ok... pls help

ty for reading


If you want to start logging all connections, your best bet (imo) is to install some sort of third party firewall (I don't know of any good ones off the top of my head) or use the Windows firewall and set the log level to include allowed packets as well as dropped. It may take some configuration but you can set most good firewalls to log connections regardless of whether or not the firewall blocked the connection attempt. Alternatively, you can use something like tcpdump\wireshark\ethereal to log all connections, but I personally prefer the firewall method.

*edited to remove bogus info*

Edited by mecca_

You can use Wireshark to log all network traffic.

But keep in mind that whatever you do will be stored. Your downloads, your streaming video, everything. If you want to store for a matter of days that's going to take up quite a bit of storage space.


windump.exe: make a batch script and add it to your startup registry... you would have to figure out how to name each log with a date, year and time. Got batch script skills?

I forget the windump commands

@echo off
rem -w writes the captured packets to the file in pcap format; read it back with windump -r logg.txt
windump -w logg.txt

Edited by 1qwert

If you want to use Wireshark or tcpdump to make logs of all your connections, you don't have to log every packet. You can simply log the opening handshake and closing handshake to log the start and end times of any TCP connection. You can also capture all packets and run through a filtering program to get meta-data, rather than log all data. For example, the filter program can determine when TCP connections begin and end, what HTTP URLs you're hitting, what DNS names you're resolving, etc. There are a lot of options besides naively logging everything.

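The filtering approach described in the post above, as an added example that is not part of the original thread: a small Python filter that reads tcpdump text output and keeps only when each TCP connection began and ended. The function name, the record fields and the sample lines are constructed for illustration, and the input format assumed is the one a current tcpdump prints with -n -tttt.

```python
import re

# Constructed sample in the text format printed by a current tcpdump run as
#   tcpdump -n -tttt 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst) != 0'
# (the format is an assumption; older WinDump builds print flags differently).
# The ACK and DNS lines show that an unfiltered capture works as input too.
SAMPLE = """\
2024-05-01 09:00:00.100000 IP 192.168.1.10.49152 > 203.0.113.7.443: Flags [S], seq 100, win 64240, length 0
2024-05-01 09:00:00.130000 IP 203.0.113.7.443 > 192.168.1.10.49152: Flags [S.], seq 900, ack 101, win 65535, length 0
2024-05-01 09:00:00.131000 IP 192.168.1.10.49152 > 203.0.113.7.443: Flags [.], ack 1, win 64240, length 0
2024-05-01 09:00:01.000000 IP 192.168.1.10.53000 > 192.168.1.1.53: 4660+ A? example.com. (29)
2024-05-01 09:00:05.500000 IP 203.0.113.7.443 > 192.168.1.10.49152: Flags [F.], seq 1, ack 1, win 65535, length 0
2024-05-01 09:00:05.501000 IP 192.168.1.10.49152 > 203.0.113.7.443: Flags [F.], seq 1, ack 2, win 64240, length 0
2024-05-01 09:00:07.000000 IP 198.51.100.9.40000 > 192.168.1.10.3389: Flags [S], seq 500, win 1024, length 0
2024-05-01 09:00:07.001000 IP 192.168.1.10.3389 > 198.51.100.9.40000: Flags [R.], seq 0, ack 501, win 0, length 0
2024-05-01 09:00:09.000000 IP 192.168.1.10.49153 > 203.0.113.7.80: Flags [S], seq 300, win 64240, length 0
""".splitlines()

LINE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+) IP "
    r"(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
)

def connection_log(lines):
    """One record per TCP connection: initiator, target, start, end, how it ended."""
    open_conns = {}  # frozenset({endpoint, endpoint}) -> record; same key both directions
    records = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # UDP, ICMP or anything else without TCP flags
        ts, src, dst, flags = m.group("ts", "src", "dst", "flags")
        key = frozenset((src, dst))
        if flags == "S":  # SYN without ACK: first packet from the initiating side
            if key not in open_conns:  # ignore retransmitted SYNs
                rec = {"client": src, "server": dst, "start": ts, "end": None, "how": None}
                open_conns[key] = rec
                records.append(rec)
        elif ("F" in flags or "R" in flags) and key in open_conns:
            rec = open_conns.pop(key)  # the first FIN or RST ends the connection
            rec["end"] = ts
            rec["how"] = "reset" if "R" in flags else "closed"
    return records

if __name__ == "__main__":
    for r in connection_log(SAMPLE):
        print(r["start"], r["client"], "->", r["server"], r["end"], r["how"])
```

A record whose end is still None is a connection that was opened but not seen closing within the capture.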
Unless something changed with the windows firewall in vista, there is no OS inherent way to get a log of tcp connections.

Windows Firewall -> Advanced -> Security Logging -> Settings -> 'Logging options'

Alternatively, you can run 'netstat -aon 5' to see all current connections, updated every 5 seconds.

Edited by jabzor

Shoot.. I don't remember this command but I think it goes like this...

netstat -nb -t 10 > log.txt

netstat -nb -t 10 >> log.txt

Unless something changed with the windows firewall in vista, there is no OS inherent way to get a log of tcp connections.

Windows Firewall -> Advanced -> Security Logging -> Settings -> 'Logging options'

Thanks, I didn't know about that. I knew that it had logging but I didn't know that it was able to log successful connections as well. I haven't used a Windows machine for more than about an hour since 2002, I guess it's starting to show.

Sorry for the misinformation on my part.
