Vista constant network activity

[porchrat]

Hi all didn't really know where to post this, but this seems like the right place.

I run a small network with 7 machines on it. One of those machines is running Vista and it shows constant network activity. Is there some sort of application I could run that can monitor incoming and outgoing connections on this machine?

I've also been looking into the constant HDD activity, but that seems to be related to the various backup and indexing background services.

Any suggestions would be most appreciated.

 

[mercurial]

Making Vista faster - removing all those annoying services and settings to speed up your pc. http://www.pcstats.com/articleview.cfm?articleid=2262&page=1

 

[Paradigm]

Wireshark

Run it on the Vista box, and you'll see all network traffic going through the port.

 

[SuPaStA]

^^^^^^^^^^^^^^^^
YA was about to post that.

Wireshark is your answer.

 

[koffiejunkie]

netstat -ntpa

Oh wait, you said Windows. Sorry

<paranoia>
It's probably phoning home
</paranoia>

 

[gregmcc]

all machine will show some kind of network activity when there's a few machine on the network. The machines will all respond to broadcasts/arp requests etc etc/

But if its constantly downloading something it could be malware. As the posters above said - wireshark is your best bet. You can also run tcpview from sysinternals (now MS) - it works pretty well and show tcp/udp connections. Also look at autoruns from the same people - it shows all programs that autostart on reboot/logon. A lot of those can be removed - applications have a habit of putting auto updatets in the autostart to download/check for new versions.