Check which processes are connected to the internet

Asked

Viewed 112 times

6

It is possible to check which processes are connected to the internet and what is their destination?

c# .net networks

  • Take a look at [tour]. You can accept an answer if it solved your problem. You can vote on every post on the site as well. Did any help you more? You need something to be improved?

2 answers

5

It doesn’t seem very simple. I’ve also never tried to do this but I found some answers in the OS.

It seems that the simplest way is to call an external process and run the Windows utility to inform this. It would be something like:

var process = new System.Diagnostics.Process { //se usar o using não precisa do namespace
    StartInfo = new ProcessStartInfo {
        StartInfo.FileName = "netstat.exe";
        StartInfo.Arguments = "-abnot";
        StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
        RedirectStandardOutput = true;
    }
}
process.Start();
while (!process.StandardOutput.EndOfStream) {
    var line = process.StandardOutput.ReadLine();
    // faz alguma coisa com o conteúdo de cada linha recebida do processo
}

I put in the Github for future reference.

There is also the alternative of using P/Invoke and creating an API access with GetExtendedTcpTable(). But I don’t know how to do.

I found an answer in the OS that shows how to do at least the basic access (I don’t know if it solves for you). Yeah, it’s not simple.

0

Da to do using WMI. Making a query in the table Msft_nettcpconnection.

Take an example:

public enum TcpState
{
    Closed = 1,
    Listen = 2,
    SynSent = 3,
    SynReceived = 4,
    Established = 5,
    FinWait1 = 6,
    FinWait2 = 7,
    CloseWait = 8,
    Closing = 9,
    LastAck = 10,
    TimeWait = 11,
    DeleteTCB = 12
}

static void Main(string[] args)
{
    ManagementScope scope = new ManagementScope("\\\\.\\ROOT\\StandardCimv2");
    ObjectQuery query = new ObjectQuery("SELECT * FROM MSFT_NetTCPConnection");
    ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
    ManagementObjectCollection queryCollection = searcher.Get();


    foreach (ManagementObject m in queryCollection)
    {
        if (int.TryParse(m["OwningProcess"].ToString(), out int r))
        {
            var processInfo = Process.GetProcessById(r);
            WriteLine("LocalPort: {0} - State: {1} - Process {2}", m["LocalPort"], Enum.GetName(typeof(TcpState), m["state"]), processInfo.ProcessName);
        }
    }

    Console.ReadKey();
}

Browser other questions tagged c# .net networks

You are not signed in. Login or sign up in order to post.