I was watching the latest edition of DNR and was formally exposed to a couple of tools that I have had for a couple of years but not put much thought into: DebugView and TCPView (from SysInternals).

DebugView is an application that lets you monitor debug output on your local system, or any computer on the network that you can reach via TCP/IP. It is capable of displaying both kernel-mode and Win32 debug output generated by standard debug print APIs, so you don’t need a debugger to catch the debug output your applications or device drivers generate, and you don't need to modify your applications or drivers to use non-Windows debug functions in order to view their debug output.

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the owning process name, remote address and state of TCP connections. TCPView provides a conveniently presented subset of the Netstat program that ships with Windows NT/2000/XP.

I used the latter when trying (for giggles) to see what ports and locations a Trojan was using on a friend's machine (it was a long weekend). I love the simplicity and the lack of installation; both of these applications are in my tools folder on my USB stick, a must-have!
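As an added illustration (not from the original post or from Sysinternals), the sketch below parses `netstat -ano` output, the same data TCPView presents, and groups listening ports and non-internal remote peers by owning PID. The sample output, the `INTERNAL` range list and all function names are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

Endpoint = namedtuple("Endpoint", "proto laddr lport raddr rport state pid")
# Constructed sample of `netstat -ano` output; every address, port and PID is invented.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:50001          0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:49712     203.0.113.45:6667      ESTABLISHED     3120
  TCP    192.168.1.20:49713     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49720     198.51.100.7:443       SYN_SENT        3120
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1456
"""
# Assumption: treated as internal are loopback, RFC 1918, link-local, IPv6 unique-local.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_hostport(text):
    host, _, port = text.rpartition(":")  # last colon, so "[::]:445" splits correctly
    return host.strip("[]"), port

def parse_netstat(text):
    rows = []
    for line in text.splitlines():
        f = line.split()
        if f[:1] == ["UDP"] and len(f) == 4:
            f.insert(3, "")  # UDP rows have no State column
        if len(f) == 5 and f[0] in ("TCP", "UDP"):  # skips header and blank lines
            rows.append(Endpoint(f[0], *split_hostport(f[1]), *split_hostport(f[2]), f[3], int(f[4])))
    return rows

def is_external(addr):
    try:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    except ValueError:
        return False  # "*" on UDP rows is not an address
    return not ip.is_unspecified and not any(ip in net for net in INTERNAL)

def summarize(rows):  # PID -> listening (proto, port) pairs and external peers
    out = {}
    for r in rows:
        entry = out.setdefault(r.pid, {"listening": set(), "external": set()})
        if r.proto == "UDP" or r.state == "LISTENING":
            entry["listening"].add((r.proto, int(r.lport)))
        elif is_external(r.raddr):
            entry["external"].add((r.raddr, int(r.rport), r.state))
    return out
```

The PIDs in the result can be matched to process names with `tasklist`, which is the column TCPView fills in for you.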

"To love an idea is to love it a little more than one should." - Jean Rostand
