Netstat -o will show you the process ID associated with each connection. The -b switch gives you the executable name. Assuming you know the ip address of the other end of the connection, I'd run "netstat -o -n -b" and get the ID of the process making the connection. From there your regular task manager or Process Explorer type utility will get you where you want to go.
Process Explorer also has a TCP/IP tab which is occasionally useful. I just re-read your post. Do you really need to measure throughput when looking for the offending process? I guess I'm assuming that you know the ip of the foreign end of the connection already. On Tue, Jul 12, 2011 at 11:28 AM, Oliver Marshall < [email protected]> wrote: > Hi,**** > > ** ** > > Is there a tool anyone can suggest, other than wireshark, that we can use > to show which process on a server is using up bandwidth on the WAN > connection?**** > > ** ** > > We’ve narrowed it down to a particular server using the routers bandwidth > table feature. However we now need to find the process. We’ve disabled a > tonne of services but the bandwidth keeps being used up. **** > > ** ** > > Wireshark is great but, while it shows loads of information, it’s virtually > impossible to show anything meaningful that you can show to a non-techy. > Ideally I’d like to be able to show someone how to do this process when the > bandwidth dries up. What I’d also like is, ideally, some kind of output > showing which process is sending how much data to what server. **** > > ** ** > > Currports.exe shows an interesting set of results, nice and easy to use, > and easy for an end user, but one thing it doesn’t show is how much traffic > is being sent to a remote server so we have no way of knowing which of the > processes with external connections is the one at fault. **** > > ** ** > > Olly**** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
