The RSNetMon
application
is a program for monitoring the network activity and the
TCP-UDP open ports. It works fine on Windows
95/98/ME/NT40/2K/XP/VISTA/7/8,
although all of its features are only reached
on Windows XP-SP2/VISTA/7/8.
This application has been entirely programmed in assembly using the Easy
Code free software, a visual
programming environment available for no cost at:
When starting the application, a new two-montitor icon, lighting on and off depending on the network activity, will appear at the right side of the task bar. If you right-click on that icon, the main menu shown below will appear:
The Show Monitor option shows or hides the monitor window, but it does not exit the application. This window can be resized in order to take the minimum space on the screen (see REMARKS in the MONITOR chapter).
The Always on top option makes the monitor window to be on the top (always visible), even if the active window is another one. Unchecking this option will cause the monitor to behave in the usual way, that is, to go to a second plane when another window is clicked.
The Settings option allows you to customize the monitor with several options and colors for the download and upload meters.
The Priority option specifies the priority for the monitor (high, normal, low).
The Affinity option specifies the number of cores used by the monitor (this option will not be shown if the processor does not have more than one core).
The Countdown
option shows two
submenus:
The Activate option starts the countdown.
The Settings
option allows you
to choose the download speed in which the countdown will be activated.
It shows the following window:
The About option shows information about the program and its author.
The Network connections option opens the network connections window.
The Exit
option terminates the network monitor application and its icon is
removed from the task bar.
REMARKS:
For a better operation of the RSNetMon program, it is highly
recommended to run it as an Administrator.
The monitor
window has
three tabs: Activity,
TCP ports
and UDP
ports, showing information,
respectively, about the network activity and the TCP-UDP ports being
open.
The Activity
tab is divided into three different areas, showing various
information about the adapter (or adapters) and the network activity.
In the Adapter
area there is a combined box
containing all network adapters installed on the computer. Depending on
the selected adapter, the corresponding
IP address, net submask and adapter speed will be shown.
In the Bytes
area,
you can see how many bytes have been sent and received (referred to the
network adapter selected in the previous
area) since the computer was powered up, and a two-monitor icon, for
downloads and uploads,
lighting on and off depending on the network activity.
The Per second transfer
speed area shows the two speed
meters and the transfer speed, reached at each second, during downloads
and
uploads. As you will see later on, this speed can be configured so that
it is specified in bits
or
Bytes.
REMARKS:
The network monitor can be resized so that only the
Per second transfer speed
area is visible. To do so, just double-click on the title bar. Also you
can
right-click on the title bar, and select the Resize
option of the context menu being shown. Both, large and
small windows, save their position on the screen separately.
The TCP ports tab shows a list with all open TCP ports, where you can see the Local port, the Remote port and the port State. Besides, if you move the mouse pointer over the list, the title bar of the monitor will show the process using the referred port. This last feature is only available on Windows XP-SP2/VISTA/7/8.
By
clicking the header on each column, the various items
will be ordered, alternatively, from minor to major and from major to
minor. On the other hand, if you right-click
on any of the ports in the list, the following menu will appear:
The Close port option closes the selected TCP connection port and it can be useful if any suspicious activity is detected.
The Terminate process option (only available on Windows XP-SP2/VISTA/7/8) closes the selected port and it also terminates the process using that port. This process can be a service or a running appplication, for example, an internet navigator or a system service.
The Details option shows the window below, with more detailed infomation about the selected port. There you can see the local and remote ports, their corresponding IP addresses and the process or application (only available on Windows XP-SP2/VISTA/7/8) using the port.
The Refresh
option reads all open TCP ports again and updates the list. This
update can also be automatically done as it will be seen in the SETTINGS
chapter.
NOTE:
It is not always possible to close a port or terminate a process, as
some of them are critical for the operating system. If a port cannot be
closed, or a process cannot be terminated,
no warning message is shown, but the referred port or process is not
removed from the list. That way, no
unnecessary and annoying messages are generated.
IMPORTANT:
You must take care when terminating a process, as the system
may crash. If that happens, you will have to reboot the computer.
The UDP ports tab shows a list with all open UDP ports, where you can see the Port, the IP address and the Process using the referred port. This last feature is only available on Windows XP-SP2/VISTA/7/8.
By
clicking the header on each column, the various items
will be ordered, alternatively, from minor to major and from major to
minor. On the other hand, if you right-click
on any of the ports in the list, the following menu will appear:
The Terminate process
option terminates the process using the referred
port. This option is only available on Windows XP-SP2/VISTA/7/8.
The Refresh
option reads all open UDP ports again and updates the list. This
update can also be automatically done as it will be seen in the SETTINGS
chapter.
NOTE:
It is not always possible to terminate a process, as some of them are
critical for the operating system. If a process cannot be terminated,
no warning message is shown, but the referred
process is not removed from the list. That way, no unnecessary and
annoying messages are generated.
IMPORTANT:
You must take care when terminating a process, as the system
may crash. If that happens, you will have to reboot the computer.
This option shows the window below, where you can see two different areas, Meter and Ports, containing several groups where you can set the parameters of the application.
The Transfer speed (which is numerically specified by the side of each meter in the Activity tab) will be shown as bits or Bytes (and their corresponding multiples kb, kB, Mb and MB) depending on that option. Bits are specified with a lower b, while Bytes are specified with an upper B.
The Color group shows the download and upload icons and their corresponding colors. Clicking on the little button under each of them, will show the color palette so that you can select any other color.
The Range group allows you to select the more convenient scale for each meter, depending on the available network speed. If this range is too low, the meter can be completely lighted on even if the tansfer speed is not too high. On the other hand, if the range is to high, the meter can never light on or just a little.
The Refresh
group, in the Ports
area,
allows setting the interval in which the ports list will be
periodically updated. This interval can be any number
between 0
and 9
(both included). A value of 0
(default value) will specify that no automatic
update will occur, while any other value will specify the number of
seconds in which the list will be repeatedly
updated.
The About option shows information about the network monitor version and its author, and makes the following window to appear:
The TCP ports
state is
specified using some standard english words. Here is their
meaning (as specified by MSDN help):
CLOSED
The TCP
connection is in
the CLOSED state that represents no connection state
at all.
LISTEN
The TCP
connection is in
the LISTEN state waiting for a connection request
from any remote TCP and port.
SYN_SENT
The TCP
connection is in
the SYN-SENT state waiting for a matching connection
request after having sent a connection request (SYN packet).
SYN_RCVD
The TCP
connection is in
the SYN-RECEIVED state waiting for a confirming
connection request acknowledgment after having both received and sent a
connection request (SYN packet).
ESTABLISHED
The TCP
connection is in
the ESTABLISHED state that represents an open
connection, data received can be delivered to the user. This is the
normal state for the data transfer phase of the
TCP connection.
FIN_WAIT1
The TCP
connection is
FIN-WAIT-1 state waiting for a connection termination
request from the remote TCP, or an acknowledgment of the connection
termination request previously sent..
FIN_WAIT2
The TCP
connection is
FIN-WAIT-1 state waiting for a connection termination
request from the remote TCP.
CLOSE_WAIT
The TCP
connection is in
the CLOSE-WAIT state waiting for a connection
termination request from the local user.
CLOSING
The TCP
connection is in
the CLOSING state waiting for a connection termination
request acknowledgment from the remote TCP.
LAST_ACK
The TCP
connection is in
the LAST-ACK state waiting for an acknowledgment of
the connection termination request previously sent to the remote TCP
(which includes an acknowledgment of its
connection termination request).
TIME_WAIT
The TCP
connection is in
the TIME-WAIT state waiting for enough time to pass
to be sure the remote TCP received the acknowledgment of its connection
termination request.
DELETE_TCB
The TCP
connection is in
the delete TCB state that represents the deletion of
the Transmission Control Block (TCB), a data structure used to maintain
information on each TCP entry.
Copyright © 2009-2013 Ramon
Sala
rsala@easycode.cat
www.easycode.cat