If you have the Business or Ultimate edition of Vista, you have the added
luxury of being able to use the Reliability and Performance Monitor tool
(perfmon.exe, shown in Figure 7-34) to view a live list of applications
using your network connection, complete with the aforementioned PID,
bytes sent and received, and even the foreign address to which they??™re
Secure Your Networked PC | 427
Networking and
Internet
connected. You can even sort by network usage and find the processes
most responsible for hogging your connection.
This means that you can use the Active Connections Utility in conjunction
with the Windows Task Manager, as described here, to look up the program
responsible for opening any network port on your computer.
Don??™t be alarmed if you see a lot of open ports. Just make
sure you track down each one, making sure it doesn??™t pose a
security threat.
You may see svchost.exe listed in the Windows Task Manager, and reported
by the Active Connections utility as being responsible for one or more open
ports. This program is merely used to start the services listed in the Services
window (services.msc). For an example of a service Vista runs by default, but
shouldn??™t for security reasons, see the discussion of Universal Plug-and-Play
in ???Close Vista??™s Backdoors,??? earlier in this chapter.
Figure 7-34. Click the Network section in the Reliability and Performance Monitor to
view a list of all the programs using your network connection
428 | Chapter 7: Networking and Internet
Use an external port scanner
If you??™re using a firewall, such as the Windows Firewall feature built in to
Windows, it should block communication to most of the currently open
ports, even though they??™re listed by the Active Connections utility.
Pages:
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598